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A  Wider  Net 


Wireless  directory 
draws  cheers,  jeers 


Has  IE  dug 
itself  a  hole? 


When  silence 
sounds  too, 
well,  silent 

'Comfort  noise'  gives 
a  warm,  fuzzy  feeling. 

■  BY  TIM  GREENE 

When  Bob  Longhini 
was  evaluating  VoIP 
gear,  an  unexpected 
problem  came  up  that 
turned  out  to  be  nothing. 

Actually,  it  turned  out  to 
be  too  much  nothing.The 
trouble  was  that  silence  on 
the  VoIP  line  when  someone 
stopped  talking  was  so 
stark,  so  dead, so  absolute, 
that  people  at  the  other  end 
See  Noise,  page  57 
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■  BY  DENISE  PAPPALARDO 

The  wireless  industry  insists  that 
customers  are  clamoring  for 
directory  assistance  for  mobile 
phone  numbers, although  critics 

—  including  IT  executives 

—  say  the  move  carries 
unacceptable  risks  for 
businesses. 

The  Cellular  Telecom- 
munications 
Industry  Asso¬ 
ciation  (CTIA) 
and  five  of  the 
six  largest  wire¬ 
less  carriers  are 
developing  a  plan  to  include 
wireless  phone  numbers  in  a 
database  accessible  by  dialing 
4 1 1  as  early  as  the  first  quarter  of 
next  year. 

The  CTIA,  AT&T  Wireless,  Cin- 
gular  Wireless,  Nextel  Communi¬ 
cations,  Sprint  PCS  and  T-Mobile 
are  behind  the  effort.  Verizon 
Wireless  denounces  the  directory 
initiative,  saying  it  compromises 
user  privacy  and  is  unnecessary 

“Let’s,  as  an  industry  stop  push¬ 
ing  something  on  customers  that 
they  clearly  don’t  want,”  Verizon 
Wireless  CEO  Denny  Strigl  said 
at  a  recent  conference.  “It’s  a 
dumb  idea.” 

Backers  of  the  directory  insist 
privacy  will  be  paramount.  The 
group  will  use  one  unnamed 


aggregator  to  store  the  numbers 
in  a  database.  The  CTIA  says  the 
numbers  will  not  be  published, 
posted  on  the  Internet  or  sold, 
but  would  only  be  available  to 
4 1 1  operators. 

Users  must  formally  re¬ 
quest  to  have  their  num¬ 
ber  included  in  the 
directory  If  no  request  is 
made,  the  number  will 
remain  private. 
Neither  choice 
will  come  with 
any  additional 
cost  to  sub¬ 
scribers,  accord¬ 
ing  to  the  carriers  and  CTIA.  This 
is  particularly  important,  as  users 
who  opt  in  to  the  directory  could 
be  looking  at  higher  usage  rates 
because  wireless  users  pay  for  all 
incoming  and  outgoing  calls. 

Such  assurances  have  not  been 
enough  to  squelch  criticism  of 
the  proposal. 

“At  RKA  Petroleum,  privacy  is  a 
huge  issue,  especially  since  65% 
of  our  cellular  fleet  is  with  our 

See  Wireless,  page  16 


■  BY  JOHN  FONTANA 

When  another  security  hole 
was  uncovered  in  Microsoft 
Internet  Explorer  last  week,  the 
third  in  the  past  month,  the  U.S. 

Browser  dominance 


Mozilla 

1.8% 


SOURCE: 
ONESTAT  COM 


Computer  Emergency  Readiness 
Team  issued  six  workarounds  to 
minimize  vulnerability,  including 
a  suggestion  to  switch  to  another 


browser.  Although  the  idea  of 
ditching  IE  created  lots  of  indus¬ 
try  buzz,  the  reality  of  such  a 
move  is  much  different. 

“Impossible,”  says  Jim  Knight, 
senior  desktop  systems  analyst 
for  a  $2.7  billion 
global  restaurant 
company  he  didn’t 
want  identified. 

“It  would  take  a 
complete  rewrite  of 
quite  a  few  applica¬ 
tions  and  would  be 
similar  to  switching 
from  Windows  to 
Linux  for  us,”  he  says. 
“We  have  too  many 
applications  that 
require  IE  5.5  or 
greater,  and  if  we 
were  to  switch  brow¬ 
sers  more  than  half 
of  our  client  base  would  be 
unable  to  perform  their  jobs.” 

US-CERT’s  advice  to  switch 
See  Microsoft,  page  14 


Network  executives 
share  their  wisdom 


Tony  Scott,  CTO  for  GM’s  Information  Systems  & 
Services  organization,  offers  his  thoughts  on: 

•  How  the  carmaker  has  slashed  more  than  $1  billion 

off  its  annual  IT  budget.  C  :  j 

•  The  keys  to  consolidation.  .5  4 

•  The  ins  and  outs  of  outsourcing. 

•  Web  services.  'i’ll 


lilt’s  a  dumb  idea.  11 

Denny  Strigl 

CEO,  Verizon  Wireless 


Microsoft’s  Internet  Explorer  is  the 
de  facto  standard  based  on  its 
overwhelming  share  of  the  market. 
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The  ultra  reliable  IBM  eServer  xSeries  365  system  -  with  powerful  Intel®  Xeon™  processors  -  can  make  your  work,  and 
IT  selection  process,  easier.  With  three  levels  of  memory  protection  and  a  comprehensive  monitoring  of  key  components,  it’s 
all  about  uptime.  So  you  get  outstanding  reliability  when  running  mission-critical  ERR  collaboration  and  database  applications. 
The  works.  Management  is  easier,  too.  You  can  have  around-the-clock  remote  access,  on  demand.  And  system  status  can  be 
available  even  when  powered  off.  For  more  on  highly  available,  manageable  xSeries  servers,  go  to  ibm.com/eserver/advantage 


5  reasons  more  and  more  businesses  are  turning  to  IBM  eServer ™  xSeries*  systems  with  Intel  Xeon  processors. 


Scale  1-16  way  with  select 

IBM  Director  systems 

Linux-ready  through 

Mainframe-inspired 

24/7/365  optional  onsite 

models.  Pay  as  you  grow. 

management. 

the  entire  line. 

technologies. 

hardware  support.1 

@  server 


The  easy  choice.  Dependability. 
IBM  eServer  xSeries  365  system. 


Additional  charges  apply  Standard  support  includes  next-business-day  response  in  some  countries.  IBM.  the  e-business  logo,  eServer,  the  eServer  logo  and  xSeries  are  trademarks  or  registered  trademarks  ot  International 
Business  Machines  Corporation  in  the  United  States  and/or  other  countries.  Intel,  Intel  Inside,  the  Intel  Inside  logo  and  Intel  Xeon  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the 
United  States  and  other  countries.  Other  company,  product  and  service  names  may  be  trademarks  or  service  marks  of  others.  ©2004  IBM  Corporation.  All  rights  reserved. 


BrightStor®  ARCserve®  Backup  Release  11 

Faster  and  easier  to  use  than  ever. 

When  it  comes  to  data  backup  and  recovery,  you  want  a  reliable,  high-performance  solution  you 
can  count  on.  That's  why  we've  created  BrightStor  ARCserve  Backup  Release  11,  featuring  the 
very  latest  in  storage  innovations.  BrightStor  ARCserve  Backup  is  faster  and  easier  than  ever, 
enhancing  both  efficiency  and  productivity.  And  with  CA's  superior  technology,  you  can  be 
confident  your  files  are  properly  backed  up  and  will  easily  be  restored  should  a  disaster  occur. 
For  more  information,  go  to  ca.com/storage/arcserve. 
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■  8  IBM  gives  servers  a  boost  with  Power5. 

■  8  Polycom,  Tandberg  enhance  videoconferencing  gear. 

■  10  Siemens  updates  presence,  collaboration  suite. 

■  lONetlQ  brings  voice  into  apps  management. 

■  12  Sales  shortfalls  rattle  key  software  vendors. 

■  12  The  Other  side:  Hardware  revenue  should  be  up. 

■  14  Microsoft  aims  to  save  SIB  this  fiscal  year. 

■  16  Tablus  expands  capacity  of  content-protection  appliances. 


Features 


Un-wiring  the  wireless  LAN 

Mesh  networking  lets  you  connect  multiple  access  points  without  having  to  wire  each  one  to  your  backbone 
network.  Page  36. 


CLEAR  CHOICE 


TEST 


Operating  systems 


SCO's  UnixWare  wins  high  marks  in  our  performance  testing.  Page  39. 


Infrastructure 

■  17  Dell  continues  network  battle. 

■  17  Siemens  exec  talks  up  VoIP. 

■  18  Dave  Kearns:  Searching 
for  the  ideal  search  engine. 


Technology 

Update 

■  29  FTTP  boosts  bandwidth  in 
the  last  mile. 

■  29  Steve  Blass:  Ask  Dr. 

Internet. 


Enterprise 

Applications 

■  21  Tools  help  manage  domain 
names. 


■  32  Mark  Gibbs:  Secure 
communications  with  SSH,  Part  2. 

■  32  Keith  Shaw:  Cool  tools, 
gizmos  and  other  neat  stuff. 


■  21  Qovia  ready  to  take  on  VoIP 
spam. 

■  22  Scott  Bradner:  Maybe 
you  shouldn't  digitize  your 
communications. 

■  24  Special  Focus: 

Start-ups  automate  global  trade 
functions. 

Service  Providers 

■  25  ISPs  look  inward  to  address 
spam. 

■  26  Johna  Till  Johnson: 

As  for  spectrum  allocation? . . . 
Let's  get  crazy. 


Opinions 

■  34  On  Technology:  Putting 
the  wraps  on  smelly  phish. 

■  35  Justin  Castillo:  Smart 
contracts  make  smooth  flights. 

■  35  James  Kobielus: 

Empire-building  not  needed. 

■  58  BackSpin:  Adverts  No, 
blocking  Yes, 

■  58  ’Net  Buzz:  Something 
about  the  'Net  keeps  people  from 
seeing  right  vs.  wrong. 

■  52  Career  classifieds. 

Management 

Strategies 


■  44  In  the  firing  line:  When  you 
have  to  let  an  employee  go,  take 
steps  to  make  the  termination 
process  less  painful. 


InFocus'  LP-120 
projector  is  easy 
to  set  up  and  use. 
Page  32. 


ProductPeek: 


LANsurveyor  8.5  for  Windows  provides  the  only  network  map  you'll  ever  need.  Page  40. 


CLEAR  CHOICE  # 
I^HTEST 


Security  auditing  tools 

SecurityExpressions  3.1  from  Pedestal  Networks  aids  in  security  enforcement.  Page  42. 
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1  Exclusive 

Network  World  Fusion  Radio: 

WiMAX  in  the  air 

What  is  WiMAX?  Will  it  replace  DSL  or  cable  modems  for  last-mile 
access?  We  get  the  scoop  from  Craig  Mathias,  a  principal  at  the  Farpoint 
Group  and  presenter  on  the  Network  World  Wireless  LAN  Technology 
Tour.  Available  in  Windows  Media,  Real  and  MP3.  Listen  now. 

DocFinder:  2779 

Tests/reviews  archive 

If  you’re  in  the  market  for  new  hardware  or  software,  consult  our 
tests/reviews  archive  to  see  which  network  products  are  best  in  show  and 
which  are  best  to  avoid. 

DocFinder:  1739 

Free  downloads 

From  application  development  and  databases  to  management  and  security, 
check  out  our  free  and/or  evaluation  software. 

DocFinder:  2536 

Seminars  and  events  i 


Weekly  Webcast  Newsletter 

The  weekly  Webcast  Newsletter  brings  you  information  on  Webcasts  avail¬ 
able  on  Network  World  Fusion  —  your  24-7  source  for  the  latest  solu¬ 
tions  and  strategies,  complete  with  links,  resources  and  personal  answers 
you  need.  Covering  vital  topics  such  as  security,  applications  and  wireless, 
our  Webcasts  are  highly  focused,  single-topic  briefings  from  experts  in 
technology.  Sign  up  today.  DocFinder:  2542 

■  CONTACT  US  Network  World,  118Turnpike  Road,  Southborough, 
MA  01772;  Phone:  (508)  460-3333;  Fax:  (508)  490-6438; 

E-mail:  nwnews@nww.com;  STAFF:  See  the  masthead  on  page  12 
for  more  contact  information.  REPRINTS:  (717)  399-1900 

SUBSCRIPTIONS/CHANGE  OF  ADDRESS:  Phone:  (508)  490-6444; 
Fax:  (508)  490-6400;  E-mail:  nwcirc@nww.com; 

URL;  www.subscribenw.com 


Columnists 

Nutter's  Help  Desk 

Setting  up  a  test  network 

Help  Desk  guru  Ron  Nutter  advises  a  reader  on  how  to  set  up  a 
test  network  to  evaluate  intrusion  detection  and  other  security 
options  DocFinder:  2780 

Telework  Beat 

When  you  can't  work  from  home,  Part  8 

Columnist  Toni  Kistner  looks  at  a  Kansas  City  "studio"  geared 
toward  graphic  artists.  DocFinder  2781 

Small  Business  Tech 

Open  source  solutions  for  SMBs,  Part  2 

Columnist  James  Gaskin  talks  to  John  Locke,  author  of  Open 
Source  Solutions  for  Small  Business  Problems,  who  provides 
three  key  pieces  of  advice  for  SMBs  eyeing  open  source. 

DocFinder:  2782 

Home  Base 

Reasons  to  be  cheerful 

Columnist  Stevo  Ulfelder  says  there  are  many  reasons  to  be  a 
happy  home  worker  these  days  and  outlines  the  events  and 
trends  that  are  cause  for  home-based  optimism. 

DocFinder:  2783 


Breaking  News 

Go  online  for  breaking  news  every  day  DocFinder:  6342 
Free  e-mail  newsletters 

Sign  up  for  any  of  more  than  40  newsletters  on  key  network  topics. 

DocFinder:  6343 

What  is  DocFinder? 

We’ve  made  it  easy  to  access  articles  and  resource.  , 
online.  Simply  enter  the  four-digit  DocFinder  number  u 
the  search  box  on  the  home  page,  and  you’ll  Jump 
directly  to  the  requested  information. 
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Nextel  spectrum  swap  brings  protests 

9  The  FCC  decision  last  week  to  give  Nextel  Communications  a 
prime  chunk  of  radio  spectrum  triggered  howls  of  protest  from 
competitors  and  industry  groups.  Nextel  will  give  up  frequencies  it 
has  used  in  the  800-MHz  band,  where  it  has  impeded  police  and 
fire  radio  systems,  and  the  FCC  will  modify  the  carriers  licenses  to 
grant  it  two  5-MHz  blocks  of  spectrum  in  the  1900-MHz  band.  Nextel 
competitor  Verizon  Wireless  labeled  the  FCC  decision  “bizarre”  and 
accused  the  FCC  of  “bypassing  both  Congress  and  the  FCC’s  own 
spectrum  auction  process,  and  conferring  a  multibillion  [-dollar] 
windfall  on  Nextel  at  taxpayer  expense.” The  FCC  determined  that 
Nextels  new  spectrum  is  worth  $4.8  billion.  It  will  credit  Nextel  the 
value  of  the  spectrum  the  carrier  is  giving  up,  and  Nextel  will  pay 
the  cost  of  moving  incumbent  spectrum  holders  to  other  frequen¬ 
cies.  If  those  figures  fall  short  of  $4.8  billion,  Nextel  will  pay  an  “anti¬ 
windfall  payment,”  the  agency  said. 


www.nwfusion.com 
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'em  picks 


EXCLUSIVE 


Thievery  goes  unchecked. 


United  we  fight  spam.  Speakers  at  a  three-day  U.N.  meeting  last 
week  predicted  great  progress  in  the  fight  against  spam  —  up  to  and  including 
eradication  —  will  come  in  as  little  as  two  years.  What's  at  stake  if  they're  wrong? 
“If  we  don’t  work  together,"  said  Robert  Shaw,  Internet  strategy  expert  with  the 
U.N.'s  International  Telecommunications  Union,  "we  may  see  millions  of  people 
abandoning  the  'Net  entirely, 
out  of  frustration  and  disgust.” 


Stop  the  presses. 

The  New  York  Post's 
embarrassing  "scoop"  last 
week  that  erroneously 
reported  John  Kerry's  choice 
of  a  running  mate  promises 
to  haunt  the  newspaper  for 
some  time  despite  the  story 
having  been  purged  from 
its  Web  site.  Sites  such  as 
The  Smoking  Gun  were 
ensuring  that  copies 
remained  available  online, 
and  almost  a  thousand 
hard  copies  of  the  paper 
were  on  sale  on  eBay.  > 


urt  CITY  FINAL  I 


Piracy  cost  software  manufacturers  $29  billion  last  year,  more  than  twice  the  toll 
in  2002,  according  to  a  new  study  from  the  Business  Software  Alliance.  About  a 
third  of  software  installations  worldwide  are  pirated  copies,  according  to  the  report. 


IBM  inks  $400M  deal  with  Sprint 

■  IBM  customer  and  business  ally  Sprint  is  in  a  new  deal  with  Big  Blue. The  two  compa¬ 
nies  announced  a  five-year,  $400  million  agreement  last  week  that  calls  for  IBM  Global 
Services  to  provide  application  development  and  maintenance  support  for  select  Sprint 
systems.  As  part  of  the  deal  —  which  expands  on  a  contract  Sprint  awarded  IBM  last 
September  —  about  1,000  Sprint  IT  employees  will  transfer  to  IBM.  In  February  the  two 
companies  announced  a  five-year,  multibillion-dollar  customer  service  outsourcing  agree 
ment  that  transfers  much  of  Sprint’s  call-center  management  work  to  IBM. 

Study:  More  companies  checking  worker  e-mail 

■  A  study  by  Forrester  Research  shows  that  43%  of  the  large  corporations  surveyed  have 
dedicated  staff  to  scanning  outbound  email  for  security  and  compliance  reasons. 
Making  sure  confidential  memos  aren’t  being  sent  outside  the  company  is  the  No.  1  rea- 


“Please  don’t  get  beaten  by  a  girl .  . 
please  don’t  get  beaten  by  a  girl . . . 
for  the  love  of  God,  please  don’t  get 
beaten  by  a  girl.” 


Layer 


No  one  beat  Don  Esposito, 
who  provided  the  above 
chuckle  and  wins  our 
latest  Weekly  Caption  Contest.  This  week,  it  could  be  your  turn. 
Come  by  for  the  start  of  the  next  contest. 
www.nwfusion.com/weblogs/layer8 


son  for  scanning  outbound  mail,  the  study  showed. These  organizations  also  are  con¬ 
cerned  with  making  sure  employees  comply  with  government  regulations,  such  as  the 
Health  Insurance  Portability  and  Accountability  Act,  and  with  corporate  guidelines,  as 
well  as  ensuring  that  trade  secrets  and  intellectual  property  aren’t  being  sent  outside  the 
company.  Outbound  mail  also  is  scanned  for  inappropriate  content.  The  study,  spon¬ 
sored  by  Proofpoint,  is  based  on  responses  from  140  companies  with  1,000  employees 
or  more. 

Cisco  snaps  up  traffic  optimizer 

■  Cisco  last  week  announced  it  is  buying  privately  held  Parc  Technologies,  a  developer  of 
traffic  engineering  software  for  routing  optimization,  for  $9  million.  Parc  is  a  spinoff  of 
Imperial  College,  University  of  London,  where  it  developed  search  algorithms.  Cisco  had  a 
previous  investment  in  the  company.  Parc’s  Route  Server  algorithms  break  up  network 
routing  problems  involving  quality-of-service  constraints.  These  algorithms  help  service 
providers  improve  network  utilization  and  reduce  capital  expenditure,  Cisco  says.  Initially 
Cisco  will  use  Parc’s  technology  in  the  planning  and  optimization  of  Multi-protocol  Label 
Switching  Traffic  Engineering  products. 

Portable  storage  devices  a  risk,  Gartner  says 

■  The  iPod  might  be  popular,  but  it  also  poses  such  a  major  security  risk  that  corporations 
should  consider  banning  it  and  other  portable  storage  devices,  according  to  a  study  by 
Gartner.  The  devices,  using  USB  or  FireWire  (IEEE  1394),  present  risks  on  several  fronts: 
from  introducing  malicious  code  into  a  corporate  network  to  being  used  to  steal  corpo¬ 
rate  data.  The  report  pointed  to  a  variety  of  devices,  including  pocket-sized  portable 
FireWire  hard  drives,  like  those  from  LaCie  Group  or  Toshiba,  or  USB  hard  drives  or  key- 
chain  drives,  such  as  the  DiskOnKey  from  M-Systems  Rash  Disk  Pioneers.  Gartner  also 
named  disk-based  MP3  players,  such  as  Apple's  iPad,  as  a  security  risk,  as  well  as  digital 
cameras  with  smart  media  cards,  memory  sticks  and  compact  flash.  Gartner  advised  com¬ 
panies  to  forbid  employees  and  external  contractors  with  direct  access  to  corporate  net¬ 
works  from  using  these  privately  owned  devices  with  corporate  PCs. 


Consider  the  dots  connected.  The  end-to-end  voice  over  IP  solution  we  designed 
for  Crate  and  Barrel  features  a  unified  IP  messaging  platform  and  the  most  advanced 
hardware  available.  The  new  system  will  save  them  a  bundle  on  maintenance,  management 
and  wiring,  while  easing  the  cost  and  complexity  of  adding  features  or  employees.  And 
its  already  improving  productivity,  helping  over  400  associates  make  millions  of  customers 
feel  right  at  home.  To  find  out  more,  go  to  sbc.com/dots.  GOING  BEYOND  THE  CALL.* 
logo  and  GOING  BEYOND  THE  CALL  are  registered  trademarks  c!  SBC  Knowiecge  Ventures,  LP.  and 'or  its  affiliates.  ©2004  SBC  Knowledge  Ventures,  L  R  ^  rights  reserved. 


IBM  gives  servers  boost  with  Power5 


B  BY  JENNIFER  MEARS  AND 
DENI  CONNOR 

With  an  eye  toward  helping 
users  consolidate  and  improve 
server  performance,  IBM  this 
week  plans  to  unveil  a  new  line  of 
midrange  and  high-end  servers 
based  on  its  Pbwer5  technology 

The  company’s  rollout  of  p5 
servers  is  expected  to  include 
two-,  four-,  eight-  and  1 6-processor 
boxes.  Sources  say  the  new 
eServer  p5  systems  will  be  avail¬ 
able  later  this  year.  IBM  declined 
to  comment. 

The  new  p5  family  marks  anoth¬ 
er  step  in  IBM’s  effort  to  converge 
its  two  64-bit  server  lines  —  the 
pSeries,  which  runs  AIX  (IBM’s 
version  of  Unix),  and  the  iSeries, 
which  runs  the  i5/OS  operating 
system.  The  i5/0S  is  an  updated 
OS/400  that  was  introduced  with 
the  new  eServer  i5  systems  in 
May  IBM  began  shipping  eServer 
i5  servers  last  month. 

“The  hardware  for  the  p5s  and 
the  i5s  is  virtually  identical  on  this 
fifth-generation  product  line,” says 
Nathan  Brookwood,  an  analyst  at 
Insight  64. “The  i5  is  typically  a  lit¬ 
tle  more  expensive  because  it  has 


the  i5/OS  bundled  into  it,  but  if 
you  strip  out  the  OS,  customers 
will  see  that  the  p5  and  i5  are 
identically  priced.” 

The  i5  and  p5  will  each  support 
AIX,  i5/OS  and  Linux,  which  gives 
users  greater  flexibility  They  also 
will  share  features  such  as  micro¬ 
partitioning  and  IBM’s  virtualiza¬ 
tion  engine,  which  lets  multiple 
instances  of  an  operating  system 
run  a  single  box. 

“Now  the  Unix  or  OS/400 
choice  is  just  a  choice  of  soft¬ 
ware,  not  of  hardware,”  says  James 
Governor,  principal  analyst  at 
RedMonk.’These  systems  can  run 
each  other’s  applications  and 
operating  environments.  This  is 
huge  flexibility  and  will  be  a 
major  win  for  any  shop  running 
both  platforms.” 

Like  the  i5  servers,  the  new 
eServer  p5  will  rely  on  modular 
components,  sources  say.  For 
example,  the  four-processor  mod¬ 
ules  can  be  tied  together  to  build 
much  larger  machines, giving  cus¬ 
tomers  the  ability  to  increase  the 
number  of  processors  and  the 
resulting  processing  power  of  the 
systems. 

The  Power5,  like  the  Power4,  is  a 


dual-core  chip,  meaning  that 
there  are  two  processors  on  one 
core.  But  on  the  Bower  5,  each 
processor  can  run  two  applica¬ 
tion  threads  simultaneously, 
reducing  idle  time  and  making 
the  server  more  efficient. 

Both  new  p5  servers  will  sup¬ 
port  IBM’s  Virtualization  Engine 
technology,  which  combines 
mainframe-like  portioning  capa¬ 
bilities  with  features  such  as 
workload  management,  system 
provisioning  and  grid  services. 
IBM  says  Virtualization  Engine 
will  let  users  deploy  and  manage 
compute  resources  —  regardless 
of  operating  system  —  as  a  single 
pool  that  grows  and  shrinks  ac¬ 
cording  to  application  demands. 

A  key  feature  of  Virtualization 
Engine  is  the  ability  to  divide  sys¬ 
tems  built  on  Power5  into  as 
many  as  10  partitions  per  proces¬ 
sor,  so  a  four-way  box  could  be 
sliced  into  40  partitions.  In  today’s 
pSeries  servers,  partitions  can 
only  be  as  small  as  a  single  CPU. 

Brian  Perlstein,  senior  technical 
consultant  in  the  Design  and 
Infrastructure  group  at  Oakwood 
Healthcare  in  Dearborn,  Mich., 
says  he’s  eagerly  awaiting  the  p5 


systems  because  of  the  increased 
power,  flexibility  and  partitioning 
capabilities. 

“It’s  going  to  make  workload 
management  more  usable,”  he 
says.“That’s  the  next  step  in  server 
consolidation.  It’s  similar  to  what 
you  did  with  storage  consolida¬ 
tion  when  you  started  using  a 
storage-area  network.  You  didn’t 
buy  30%  or  40%  of  overhead 
upfront.  You  allocated  pretty 
much  what  you  needed  and  then 
as  growth  happened  you  added 
it.  When  you  need  more  disk,  you 
allocate  it.  Now,  when  you  really 
need  more  CPU  you  allocate  it. 
You  don’t  just  have  it  sitting  there 
idle  because  then  you’re  paying 
for  idle  CPU.” 

The  new  IBM  p5  systems  will 
compete  with  products  from  Sun 
and  HP  such  as  the  Sun  Fire  V 
series  and  HP  Integrity  rx7620-16, 
which  HP  is  migrating  to  the  Intel 
Itanium  platform.  HP  says  that  its 
Itanium  road  map  is  much  more 
defined,  in  that  it  supports  not 
only  several  versions  of  Unix  but 
also  Windows  and  Linux. 

IBM  also  is  expected  to 
announce  later  this  year  an  IBM 
TotalStorage  Enterprise  Storage 


IBM's  p5  play 

With  its  new  p5  servers, 

IBM  can  take  advantage 

of  some  of  the  Power5 
processor. 

•  276  million  transistors  per 
processor. 

•  Supports  simultaneous 
multithreading,  which  lets  a 
single  processor  act  as  two. 

•  DynamicPower  Manage¬ 
ment  technology,  which 
allows  execution  of  50% 
more  instructions  without 
power  increase. 

•  Micropartitioning  allows  as 
many  as  10  partitions  per 
processor. 

•  Larger  L2  and  L3  cache 
allows  higher  bandwidth 
support. 

•  Virtualization  engine 
enables  on-demand 
computing. 


Server  (code-named  Shark) 
that  is  based  on  the  Power5 
processor.  ■ 


Polycom,  Tandberg  enhance  videoconferencing  gear 


B  BY  JASON  MESERVE 

The  race  between  Tandberg 
and  Polycom,  the  top  two  video- 
conferencing  equipment  provi¬ 
ders,  continues  to  heat  up  with 
both  companies  launching  prod¬ 
uct-line  enhancements  that 
could  result  in  higher  quality 
audio  and  video  and  tighter  inte¬ 
gration  with  existing  conference 
room  audiovisual  equipment. 

Both  companies  —  Polycom 
this  week  with  its  VSX  7.0  software 
release  and  Tandberg  last  week 
with  its  new  MXP-branded  end¬ 
points  —  are  enhancing  their 
core  lines  of  videoconferencing 
units  with  features  such  as  stereo 
sound,  Session  Initiation  Protocol 
support,  which  lets  endpoints  talk 
to  many  SIP  VoIP-enabled  phones 
and  devices;  and  support  for  the 
H.239  protocol,  which  standard¬ 
izes  the  way  video  and  presenta¬ 
tions  are  delivered  in  a  video  call. 
Tandberg  also  is  shipping  a 
$9,500  gatekeeper  that  authenti¬ 
cates  users  and  regulates  video 
traffic  on  a  network. 

Polycom  added  stereo  to  its  pro- 


Tandberg’s  Maestro  video  endpoint 
is  designed  to  be  used  with  existing 
audio/video  projector  systems. 


prietary  Siren  14  audio  technol¬ 
ogy,  while  Tandberg  is  implement¬ 
ing  the  new  MPEG  AAC-LD  (low- 
delay)  standard  to  provide  left 


and  right  channels  of  sound. 
Polycom  derives  its  stereo  from 
two  microphone  inputs.Tandberg 
provides  stereo  only  for  multime¬ 
dia  content  from  CDs  and  DVDs 
played  in  a  conference,  but  offers 
20-kHz  sound  compared  with  14- 
kHz  from  Polycom.  Both  compa¬ 
nies  offer  speaker  packages  to 
take  advantage  of  the  increased 
sound  capabilities. 

Stereo  might  not  seem  impor¬ 
tant,  but  it  can  help  when  there’s 
more  than  one  person  in  an  on¬ 
screen  room.“In  a  situation  where 
you  don’t  have  audio-locate 
[voice  tracking],  it  gives  you  an 
audio  clue  as  to  who  is  talking,” 
says  Dave  Horn, conferencing  ser¬ 
vice  manager  for  Entergy,  an  ener¬ 
gy  firm  in  New  Orleans  that  is  test¬ 
ing  one  of  the  new  Polycom  units. 

Polycom’s  VSX  7.0  software 
includes  the  ability  to  do  live  and 
on-demand  Web  streaming  of 
video  calls  in  QuickTime  format, 
the  ability  to  see  four  participants 
on  screen  at  one  time,  SNMP  sup¬ 
port  for  remote  management,  and 
integration  with  Cisco  Call  Man¬ 
ager  4.0  ECS.This  will  let  a  user  of 


a  Cisco  IP  phone  transfer  calls  to 
a  video  Polycom  video  endpoint. 
The  7.0  software  upgrade  is  free 
for  any  current  VSX  owner. 

Polycom  also  is  introducing  new 
video  endpoints,  including  two 
new  set-top  units  in  the  VSX  7000 
line  (starting  at  about  $6,000)  and 
three  new  rack-mounted  systems 
in  the  VSX  8000  series  (starting  at 
about  $13,000)  that  are  designed 
for  larger  conference  rooms.  Paly- 
corn  has  added  integration  be¬ 
tween  some  of  the  higher-end 
units  and  itsVTX  1000  audio  con¬ 
ference  phone  that  lets  the 
phone’s  speakers  and  micro¬ 
phones  be  the  audio  arm  of  the 
video  call.  Users  also  can  dial  vid¬ 
eo  calls  from  the  phone’s  keypad. 

Meanwhile,  Tandberg  is  boost¬ 
ing  horsepower  of  its  MXP  line, 
which  features  new  Trimedia 
chips  to  increase  processing 
power  that  can  now  do  H.264 
video  compression,  encryption 
and  H.239  in  the  same  call.  The 
company  also  increased  the 
number  of  participants  that  an 
endpoint  can  handle  in  a  call  to 
11  —  six  people  on  video  and 


five  on  the  phone  —  up  from  four 
video  sites  and  one  audio  port. 

Built-in  transcoding  lets  each 
user  receive  the  best-quality 
audio  and  video  their  system  can 
handle,  rather  than  lowering 
everyone  to  the  lowest  common 
denominator,  as  it  did  before, says 
Snorre  Kjesbu',  vice  president  of 
technology  at  Tandberg. 

Tandberg  also  released  the 
Maestro  MXP  (about  $25,500) 
roll-about  unit,  which  has  a  pole- 
mounted  camera  and  is  designed 
for  users  in  conference  rooms 
with  overhead  video  projectors 
and  speakers.  There’s  also  a  new 
Codec  3000  MXP  rack-mount  sys¬ 
tem  (about  $14,000)  and  3000 
MXP  cart-based  system  with  dual 
monitors  (about  $16,000). 

Tandberg  originally  built  its 
video  endpoints  on  the  same  soft¬ 
ware  and  chipset  and  only  recent¬ 
ly  added  multipoint  control  unit 
(MCU),  gateway  and  now  gate¬ 
keeper.  Polycom  built  its  product 
lines  through  acquisitions  The 
company  is  phasing  out  its  older 
but  popular  ViewStation  video 
line  in  favor  of  the  VSX  family  ■ 
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We  put  a  single  platform,  mobile  data 
and  security  in  your  hands.  Now  you  can 
put  the  enterprise  in  theirs. 


Now  the  BlackBerry"'  Enterprise  Solution  allows  your  business 
applications  to  be  accessed  virtually  anywhere.*  Whether  it's  email, 
ERP,  CRM  or  document  management  systems,  our  solution  is  built 
on  an  open,  secure  platform  that  can  wirelessly  extend  your  existing 
applications  so  you  won’t  have  to  rebuild  or  replace  them.  Best 
of  all,  the  BlackBerry  Enterprise  Solution  is  a  proven  platform, 
deployed  by  tens  of  thousands  of  organizations  around  the  world, 
which  means  wireless  access  to  data  can  be  managed  by  your  IT 
staff  with  more  confidence. 


The  BlackBerry  Enterprise  Solution  Difference 

•  Provides  advanced  security  including  triple  DES 
encryption,  handheld  password  protection, 
wireless  IT  security  commands  and  policies 

•  Includes  server  software,  wireless  handhelds, 
wireless  service  and  support  programs 

•  Provides  flexible  application  deployment  - 
build  in-house  or  with  help  from  an  independent 
software  vendor 

•  Delivers  centralized  manageability  and 
simplified  implementation 


d.  BlackBerry  is  an  end  to  end  wireless  solution  developed  by 
-  o  motion*  symfcc  an?  trademarks  or  registered  trademarks 
to  subscribing  to  or  implementing  any  th«rd  party  products 
service  provider  you  are  working  with  has  agreed  to  support 
and  that  you  obtain  the  necessary  licenses  RIM  makes  no 
to  the  third  party  products  and  services  and  RIM  assumes  no 
id  services  even  if  RIM  nas  been  advised  of  the  possibility  of 
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representation,  warranty  or  guarantee  whatsoev 
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Siemens  updates  presence,  collaboration  suite 

OpenScape  2.0  promises  more  scale,  new  features  for  connecting  employees. 


■  BY  PHIL  HOCHMUTH 


Siemens  this  week  is  expected 
to  upgrade  its  OpenScape  pres¬ 
ence  management  and  collabo¬ 
ration  software  to  quadruple  the 
number  of  users  who  can  be  sup¬ 
ported  and  make  it  easier  to  com¬ 
bine  IP- and  non-IP-based  phones 
and  devices. 

The  presence  management  fea¬ 
tures  could  make  it  easier  for 
workers  to  contact  each  other  via 
e-mail,  instant  message,  telecon¬ 
ferencing  and  online  collabora¬ 
tion  portals,  Siemens  says.  The 
company  adds  that  the  Session  In¬ 
itiation  Protocol  (SlP)-based  of¬ 
fering  can  integrate  with  its  IP  tele¬ 
phony  products,  and  other  stand- 
ards-based  VoIP  and  TDM  gear. 

OpenScape  is  a  Windows  2003 
server  software  package  that 
works  with  Microsoft  Live  Commu¬ 
nication  Server  (LCS),  a  SIP-based 
application  server  for  setting  up  IP- 
based  voice,  video  or  chat  sessions 
with  SIP  endpoints.  OpenScape 
lets  users  connect  a  Microsoft  LCS 
box  with  telephony  equipment, 
such  as  Siemens  PBXs,  IP  PBXs  or 
third-party  telephony  products. 
This  support  lets  users  with  SIP- 
based  phones  or  PC  clients  —  run¬ 
ning  OpenScape  portal  software 
—  connect  with  conferencing, 
presence  and  other  applications, 
using  LCS  as  the  underlying  com¬ 
munications  middleware. 

The  new  version,  2.0,  sustains 
more  end  users,  supporting  up  to 
2,000  on  an  OpenScape  server. 
OpenScape  1.0  supported  up  to 
500  users.  With  Version  2.0  multi¬ 
ple  OpenScape  servers  also  can 
be  networked  as  one  system  with 
one  management  directory, 
which  theoretically  could  let  a 
company  have  more  than  10,000 
employees  on  the  system.  Siem¬ 
ens  says  it  hasn’t  tested  the  soft¬ 
ware  at  such  a  scale. 

Star  IT,  an  integration  firm  that 
installs  collaboration  software 
from  Microsoft  and  Siemens,  is 
testing  a  beta  version  of  Open¬ 
Scape  2.0.  The  Medfield,  Mass., 
company  has  used  OpenScape 
for  about  a  year, alongside  a  Cisco 
CallManager  IP  PBX,  to  connect 
100  employees  with  presence 


B  See  what  Andy  Mattes, 
Siemens  CEO  for  U.S. 
enterprise  operations, 
says  about  VoIP.  PAGE  17 


and  conferencing  applications. 
The  company  uses  a  SIP  gateway 
to  connect  Cisco  7960  IP  phones 
to  the  OpenScape  servers.  This 
allows  the  phones  to  be  included 
in  the  OpenScape  presence 
directory  and  in  the  Cisco  Call- 
Manager  directory 

Hosting  customer  and  partner 
teleconferences  in-house  via 
OpenScape  has  helped  cut  costs, 
says  George  Rodgers,  president 
and  CEO  of  Star  IT.  The  company 
paid  as  much  as  $30,000  per 
month  for  Web  and  teleconfer¬ 
ence  services  from  WebEx  and 
AT&T  previously  but  Rodgers  says 
that  has  been  cut  45%  over  the 
last  nine  months  because  of 
OpenScale  1.0’s  efficiencies. 

Among  the  new  features  in 
Version  2.0  is  the  ability  to  include 
non-SIP-based  endpoints  in  the 
presence  management  and  con¬ 
ferencing  platform.  Cell  phones, 
BlackBerrys  as  well  as  IP  phones 
and  PBX  phones  from  third-party 
vendors  now  can  be  listed  in  an 
OpenScape  directory  Siemens 


says,  which  lets  users  see  avail¬ 
ability  across  multiple  devices. 

Another  feature  lets  a  user  with 
a  cell  phone  or  voice-enabled 
BlackBerry  or  PDA  dial  into  an 
OpenScape-attached  company 
phone  switch  and  gain  access  to 
OpenScape  applications  through 
voice  recognition.  This  lets  users 
set  up  conferences,  check  voice 
and  Microsoft  Outlook-based 
e-mail,  and  locate  colleagues 
through  voice  commands. 

Also  in  Version  2.0  are  develop¬ 
er’s  tools,  including  open  Speech 
Application  Language  Tags  and 
voice  XML  APIs,  which  can  be 
used  to  integrate  OpenScape 
voice  portals  with  other  applica¬ 
tions  —  such  as  CRM  software  or 
other  Web-based  applications. 

OpenScape  2.0  is  scheduled  to 
be  available  next  month  starting 
at  $125  per  user  for  the  core  pack¬ 
age  —  including  presence,  col¬ 
laboration  and  conferencing.  An 
additional  $100-per-user  license 
key  upgrade  adds  voice-enable¬ 
ment  to  the  system.* 
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All  together  now 

Siemens’  OpenScape  collaboration  and  presence  server 
software  integrates  with  Microsoft  Live  Communication 
Server  (LCS)  and  Siemens  IP  PBX  technology  to  combine 
presence  with  conference  calling  technology. 


Windows  2000 


©  Users  A  and  B  are  conferenced  ©TTie  LCS  server  tells  the 

IP  PBX  to  call  User  C’s 


O  User  A  sets  up  a 
teleconference  with 
users  B  and  C  through 
an  OpenScape  client 
application. 


in,  but  User  C’s  presence 
status  is  set  to  “out  of  office.” 
This  status  is  configured  so 
that  his  cell  phone  is  contacted 
instead. 


cell  phone,  and 
conferences  in  User  C 
via  LCS  and  the  IP  PBX. 


V  J 


NetlQ  brings  voice  into  apps  mgmt. 


■  BY  DENISE  DUBIE 

John  Lewis  encountered  a  few 
pitfalls  when  switching  his  PBX 
system  to  VoIP 

“As  we  got  more  and  more  peo¬ 
ple  moved  from  one  system  to 
the  other, we  had  issues  with  com¬ 
munication  between  the  two  sys¬ 
tems  because  we  only  had  24 
ports  between  them  for  conversa¬ 
tions,”  says  the  systems  engineer 
for  the  city  of  Lewisville,  Texas.  “A 
lot  of  people  were  getting  busy 
signals  just  for  internal  calls.” 

Lewis  says  he  didn’t  have  the 
tools  to  spot  performance  issues 
immediately,  but  problem  detec¬ 
tion  and  resolution  became  sim¬ 
pler  when  he  started  using 
NetIQ’s  Vivinet  Manager.  The  soft¬ 
ware  monitors  voice  traffic  and 
applications  that  work  with  four 
Cisco  CallManager  systems,  a 
Cisco  Unity  machine  for  voice 
mail  and  about  30  VoIP  analog 
gateways  that  provide  about  100 
analog  access  points  for  lines 
across  off-premises  extension 
(OPX)  circuits.  He  says  the  soft¬ 
ware  helps  him  get  “pretty 
detailed  information  on  what  is 
happening  and  where.” 

This  week,  features  of  the  Vivinet 


More  to  manage 

VoIP  adoption  in  2004 
could  double,  accord¬ 
ing  to  Forrester 
Research.  The  firm 
reports  that  9%  of  CIOs 
polled  in  a  series  of 
surveys  said  in  2003 
VoIP  was  top  on  their 
minds,  while  20% 
ranked  VoIP  a  priority 
for  this  year. 

Manager  software  Lewis  uses  will 
be  rolled  into  NetIQ’s  AppMan- 
ager  Suite  6.0  software,  which 
monitors  application  perfor¬ 
mance  across  distributed  servers 
and  end-user  desktops.  NetlQ 
says  adding  Vivinet  technology  to 
its  application  management  soft¬ 
ware  will  give  customers  a  con¬ 
verged  look  at  data  and  voice 
application  performance.  Vivinet 
Manager  performs  call  set-up 
sequences  with  the  user’s  VoIP 
nodes,  such  as  gateways  and  call 
controllers,  to  monitor  for  voice 
performance  and  quality 
“In  a  lot  of  ways,  voice  applica¬ 
tions  are  just  another  application 


on  the  network,  but  they  do 
require  monitoring  for  different 
metrics,”  says  David  Manks,  senior 
director  of  product  marketing  at 
NetlQ.  “Sometimes  voice  applica¬ 
tions  affect  the  others  and  vice 
versa.” 

By  incorporating  Vivinet  tech¬ 
nology  AppManager  6.0  now  can 
monitor  Cisco  and  Nortel  VoIP 
devices  and  deliver  that  perfor¬ 
mance  data  into  one  manage¬ 
ment  console  alongside  IP  events 
and  alerts.  NetlQ  says  the  release 
incorporates  AppManager  soft¬ 
ware, Vivinet  tools  and  technology 
from  the  company’s  Chariot 
Advanced  product,  which  per¬ 
forms  real-time  analysis  and  simu¬ 
lation.  NetlQ  competes  with  com¬ 
panies  such  as  Brix  Networks  and 
Micromuse  that  offer  VoIP  perfor¬ 
mance  management  software. 

The  core  AppManager  technol¬ 
ogy  runs  on  Windows,  while  Unix 
and  Linux  boxes  are  monitored 
through  software  agents.  NetlQ 
monitors  multiple  components  in 
the  application  infrastructure, 
including  various  flavors  of  Web 
servers,  application  servers,  load 
balancers,  cluster  support,  e-mail, 
and  file  and  disk  managers.  The 
company  uses  distributed  soft¬ 


ware  agents  to  collect  data  from 
managed  systems  and  interfaces 
with  third-party  management  sys¬ 
tems  to  share  management  data. 

Another  enhancement  to  Ver¬ 
sion  6.0  lets  the  software  manage 
more  with  less  infrastructure  and 
more  than  double  the  number  of 
servers  that  can  be  managed  per 
AppManager  console.  The  com¬ 
pany  says  one  deployment  now 
can  manage  between  700  and 
800  servers,  depending  on  the 
data  collected  on  managed  sys¬ 
tems  and  servers. 

Pricing  for  AppManager  6.0  is 
based  on  the  number  and  types 
of  applications  managed.  The 
operator  console  costs  $2,500; 
pricing  for  Windows  agents  and 
applications  starts  at  $600;  and 
pricing  for  Linux  and  Unix  agents 
and  applications  starts  at  $750.  ■ 


Correction 


■  In  the  story  “Battle  for 
bandwidth"  (June  14,  page  37), 
I  the  company  should  have  been 
•  identified  as  American  Building 
Maintenance. 


COMPANIES  THAT  PUT  VOICE  ON  THE 
NETWORK  CHOOSE  THE  COMPANY 
THAT  BUILT  THE  NETWORK. 

When  voice  joins  data  on  a  secure  network,  some  remarkable  things  can  happen.  Instead  of  managing  different  flavors  of  PBX  from  location  to  location,  you 
can  handle  everything  from  one  place,  saving  time  and  money — not  to  mention  mileage  on  IT  staff  shoes.  And  with  over  20  years  of  proven  networking 
experience,  Cisco  has  become  the  standard  for  millions  of  voice  IP  users  around  the  world.  It's  why  over  half  of  the  Global  500  have  chosen  Cisco  to  rethink 
the  way  they  handle  voice.  And  their  business.  Are  you  in  yet?  To  learn  how  Cisco  can  help  you  plan,  design  and  implement  an  end-to-end  IP  solution,  visit 

cisco.com/go/ipcnow  NOW,  OVER  THREE  MILLION  PEOPLE  ARE  USING  CISCO  IP  PHONES. 
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Wary  buyers  dampen  software  sales 


Software  struggles 

The  Goldman  Sachs  software  index  has  fallen  15%  since  hitting  its  52-week 
high  of  165.64  in  late  January.  The  index  tracks  about  45  software  stocks, 
including  BEA  Systems,  Computer  Associates,  Microsoft,  Oracle,  PeopleSoft, 
Siebel  Systems,  Veritas  Software  and  webMethods. 


B  BY  ANN  BEDNARZ 

A  rash  of  revenue  warnings 
from  enterprise  software  makers 
has  the  long-awaited  technology¬ 
spending  recovery  sputtering  — 
a  situation  that  keeps  bargaining 
power  squarely  in  the  hands  of 
corporate  IT  buyers. 

BMC,  FileNet,  PeopleSoft,  Siebel 
Systems  and  Veritas  Software 
were  among  vendors  reporting 
last  week  they  would  not  meet 
analysts’  expectations  for  the 
quarter  ended  June  30.The  week 
before,  Informatica,  Sybase  and 
webMethods  warned  of  their  dis¬ 
appointing  financials. 

Nearly  all  blamed  unfinished 
deals  for  the  shortfalls. 

Management  software  maker 
BMC  said  quarterly  revenue 
would  be  between  $318  million 
and  $328  million,  below  its  prior 
forecast  of  $345  million  to  $355 
million,  because  of  “delays  in  cus¬ 
tomer  purchasing  decisions 
among  larger  accounts.” 

CRM  leader  Siebel  similarly 
blamed  “unexpected  delays  in 
purchasing  decisions”  for  its  dis¬ 
appointing  results  and  warned 
that  revenue  would  be  about 
$301  million,  which  is  $52  million 
short  of  analysts’  expectations. 
Siebel’s  license  revenue  —  pro¬ 
jected  now  at  $95  million  —  will 
be  at  its  lowest  since  March 
1999,  Merrill  Lynch  notes. 

WebMethods,  which  missed  its 
own  expectations  by  20%,  also 
attributed  its  revenue  shortfall  to 
a  large  number  of  deals,  includ¬ 
ing  one  for  $5  million,  that  didn’t 
close  by  the  quarter’s  end.  Instead 
of  $51  million  to  $56  million, web¬ 
Methods  now  expects  to  bring  in 
$40  million  to  $41  million. 

A  different  story 

Only  PeopleSoft  added  a  twist:  It 
tried  to  lay  blame  for  a  $25  mil¬ 
lion  to  $35  million  revenue  short¬ 
fall  on  Oracle’s  hostile  takeover 
bid  and  damaging  publicity  sur¬ 
rounding  the  anti-trust  trial,  which 
was  “impossible  to  completely 
overcome,”  said  Craig  Conway, 
PeopleSoft ’s  president  and  CEO, 
in  a  statement.  “We  believe  the 
adverse  impact  to  our  business 
has  been  substantial,  with  even 
greater  impact  this  past  month.” 

But  analysts  say  prolonged 
sales  cycles  are  more  likely  to 
blame  for  PbopleSoft’s  woes. 

In  CIO  surveys  Merrill  Lynch 
conducted,  respondents  gave  no 
indication  that  Oracle’s  bid  for 
PeopleSoft  and  its  anti-trust  trial 


had  any  effect  on  purchasing 
products  from  PeopleSoft,  says 
Karen  Russillo,  a  vice  president  at 
Merrill  Lynch. 

For  PeopleSoft  and  its  peers,  the 
biggest  reason  for  poor  sales  is 
pricing  pressure,  Russillo  says. 
“Pricing  pressure  is  killing  these 
companies.  That’s  really  the  pri¬ 
mary  culprit.” 

Vendors  keep  undercutting 


each  other’s  prices,  and  cus¬ 
tomers  are  controlling  the  negoti¬ 
ation  process,  she  says.  And 
despite  having  deferred  many  IT 
purchasing  decisions  for  as  long 
as  a  few  years,  IT  executives  don’t 
feel  rushed  to  catch  up. 

“Customers  are  not  putting  a 
sense  of  urgency  on  buying  soft¬ 
ware,”  Russillo  says.  “If  they’re  not 
going  to  get  the  prices  they  want, 


they’re  just  not  going  to  buy  it  this 
quarter!’ 

Despite  the  downbeat  quarter, 
analysts  are  optimistic  that  cor¬ 
porate  IT  expenditures  will  rise, 
slowly  but  surely  In  Merrill  Lynch’s 
surveys,  CIOs  are  saying  they  have 
the  budgets  to  buy  software. 

“But  the  summer  quarter  is  not 
the  quarter  where  we’re  going  to 
see  a  big  uplift,”  Russillo  says. 
“We’re  not  going  to  see  real 
growth  and  improvement  until 
the  year-end  budget  flush.” 

The  Yankee  Group  says  compa¬ 
nies  are  finally  planning  to 
increase  IT  spending  on  long- 
overdue  software  upgrades,  in 
particular.  According  to  the 
research  firm, eight  out  of  10  busi¬ 
nesses  will  commence  a  major 
software  upgrade  by  year-end. 

That’s  not  to  say  the  economic 
constraints  of  the  past  three  years 
have  gone  away  —  on  the  con¬ 
trary  businesses  are  just  as  cau¬ 
tious,  says  Laura  DiDio,  a  senior 
analyst  at  The  Yankee  Group.  But 
the  availability  of  aggressive  pro¬ 
motions  from  vendors  such  as 
Microsoft,  Oracle,  PeopleSoft  and 
Sun  is  drawing  out  some  buyers, 
she  says. 

“It’s  a  bargain  bonanza  out 
there  between  what  the  vendors 
are  offering  to  spur  sales  and  the 
deals  that  the  vendors’  training 
partners  and  resellers  are  offering 
on  top,”  DiDio  says.  ■ 


The  other  side:  Hardware  revenue  should  be  up 


s  the  weather  heats  up  in  the  Northern 
Hemisphere,  revenue  from  IT  hardware 
tends  to  cool  off.  Despite  a  slew  of  recent 
earnings  warnings  from  their  software  counter¬ 
parts,  the  IT  hardware  industry  should  improve 
on  last  year's  second  quarter  amid  the  usual 
seasonal  slowdown,  according  to  analysts. 

This  week,  Intel,  Advanced  Micro  Devices 
(AMD),  Apple  and  IBM  will  report  quarterly 
earnings.  Sun  and  Gateway  will  post  their  latest 
financial  data  in  two  weeks.  Dell  and  HP  are  on 
different  fiscal  cycles  from  the  rest  of  the  indus¬ 
try  and  won't  report  earnings  for  another  month. 

In  terms  of  revenue,  Intel  and  AMD  are  ex¬ 
pected  to  show  normal  seasonal  downturns  but 
healthy  increases  compared  with  last  year's 
second  quarter.  Consumers  typically  take  a 
break  from  buying  PCs  in  the  second  quarter, 
and  shipments  are  expected  to  plunge  about 
18%  from  the  first  quarter  of  this  year  to  the 
second  quarter,  says  Roger  Kay,  vice  president 
of  client  computing  for  IDC. 

However,  the  second  quarter  is  generally 
strong  for  enterprise  hardware  purchasing. 


Government  and  educational  customers  tend  to 
lift  commercial  shipments  in  the  second  quarter, 
Kay  says. 

Strong  iPod  sales  should  give  Apple  another 
strong  quarter,  says  Steven  Milunovich,  global 
technology  strategist  at  Merrill.  Any  future 
impact  felt  from  the  recent  suspension  of  iMac 
orders  should  be  offset  by  the  introduction  of 
the  iPod  Mini  in  Europe  and  the  launch  of  HP’s 
iPod  product  line  in  the  third  quarter,  he  said. 

The  second-quarter  picture  appears  rosier  for 
Sun  for  the  first  time  in  a  while,  based  on  strong 
sales  of  the  Sun  Fire  V1280  and  E2900  midrange 
servers,  Milunovich  says.  Merrill  raised  its  esti¬ 
mates  for  Sun's  second-quarter  revenue,  but  still 
expects  the  company  to  post  a  loss,  he  says. 

IBM's  microelectronics  division  should  return 
to  profitability  in  the  second  quarter,  as  the 
company  makes  good  on  its  promises  to  fix  the 
yield  problems  that  plagued  the  introduction  of 
the  90nm  PowerPC  970FX  earlier  this  year,  Mil¬ 
unovich  says.  Merrill  expects  the  company  to 
meet  expectations  for  the  quarter. 

—  Tom  Krazit,  IDG  News  Service 
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Microsoft 

continued  from  page  1 

came  with  a  caveat,  in  that  using 
a  browser  other  than  IE  could 
reduce  features  when  viewing  IE- 
specific  Web  sites  and  that  IE, 
which  is  baked  into  the  Windows 
operating  system,  still  would  be 
used  with  various  applications. 


ing  to  the  broader  Web  standards 
then  we  won’t  have  any  choice 
outside  IE,”  Mann  says. 

Experts  agree  that  browser 
choice  is  something  hard  to 
come  by  these  days. 

“There  is  not  a  real  good  answer 
for  the  enterprise,”  says  John 
Fescatore,an  analyst  with  Gartner. 
“IE  is  really  bad.  It  is  riddled  with 


The  alternatives 


Browsers 

Highlights 

Mozilla/Firefox 

Open  source  software  a  spin-off  from  Netscape. 

Netscape 

The  pioneer  now  at  Version  7.1. 

Opera 

Cross-platform  support  includes  smartphones 
and  PDAs. 

Safari 

Mac  only;  rendering  engine  uses  software  from 
KDE  open  source  project. 

US-CERT  also  suggested  dis¬ 
abling  Active  X,  which  was  at  the 
heart  of  the  most  recent  vulnera¬ 
bility,  and  maintaining  updated 
anti-virus  software  and  refraining 
from  clicking  URLs  within  e-mail. 

The  IE  caveat  wasn’t  news  to 
those  who  have  tried  to  switch 
browsers  but  keep  getting  pulled 
back  to  IE  because  of  its  propri¬ 
etary  scripting  features  and  deep 
integration  with  Windows.  IE  is 
used  to  render  HTML  within 
many  Web-based  applications 
that  run  on  Windows. 

Keith  Mann,  network  engineer 
for  Harrison  School  District  Two 
in  Colorado  Springs,  says:  “We 
tried  to  be  an  all-Netscape  shop, 
but  we  ran  into  too  many  appli¬ 
cations  that  don’t  work  without 
IE.  We  can’t  do  Windows  Update 
downloads  with  Netscape.”  Win¬ 
dows  Update  is  the  Microsoft  site 
that  provides  security  patches  for 
Windows  software. 

Mann,  who  says  the  growing  list 
of  IE  vulnerabilities  is  why  he 
wants  out,  says  the  inability  to 
leave  IE  can  be  traced  to  devel¬ 
opers  who  have  had  to  decide 
how  to  prioritize  their  time.  With 
IE  owning  94%  of  the  browser 
market,  according  to  Web  analyt¬ 
ics  firm  OneStat.com,  Mann  says 
Web  developers  naturally  use  the 
Active  X  and  scripting  controls 
that  are  proprietary  to  IE  and  not 
supported  in  other  browsers  such 
as  Netscape  and  Mozilla. 

Despite  the  complications  of 
moving  from  IE,  discovery  of  the 
security  hole  last  week  led  to  a 
one-day  spike  in  downloads  of 
Mozilla,  the  second-leading 
browser,  from  100,000  to 
200,000,  according  to  the 
Mozilla  Foundation. 

“If  developers  don’t  start  writ- 


security  problems,  but  it  is  pretty 
much  impossible  for  companies 
to  move  away  from  it.” 

He  predicts  that  corporations 
would  see  on  average  about  3% 
of  Web-based  applications  break 
if  IE  were  replaced.  While  that 
appears  to  be  a  small  number,  he 
says  it  could  include  critical 
applications  and  would  foster 
costly  spikes  in  help  desk  calls. 

In  addition,  others  say  moving 
to  another  browser  won’t  guar¬ 
antee  a  secure  environment. 
They  say  if  other  browsers  had 
the  market  share  and  scrutiny 
that  IE  has,  they  too  could  be 
security  risks. 

“Until  those  browsers  are  vet¬ 
ted  on  the  level  that  IE  is  vetted, 
we  don’t  know  what  exposures 
are  there,”  says  Rob  Enderle,  pres¬ 
ident  of  consulting  firm  Enderle 
Group.  Furthermore,  he  says, 
developers  of  those  browsers 
don’t  have  a  generally  accepted 
enterprise  support  infrastructure 
to  address  security  issues  and 
vulnerabilities. 

Just  last  week,  one  was  ex¬ 
posed  in  the  Mozilla  Application 
Suite,  which  includes  the  forth- 


More  online! 


Be  the  first  to  see,  touch,  and  explore  the 
best  of  what's  next  in  wireless.  Register 
today  for  Demomobile, 

Sept.  8-10,  La  Jolla,  Calif. 

DocFinder:  1951 


Fight  or  switch? 

In  the  wake  of  recent  vulnerabilities  discovered  in 
Microsoft’s  Internet  Explorer,  the  U.S.  Computer 
Emergency  Readiness  Team  suggested  several  ways 
users  can  limit  their  exposure  including  switching  to 
another  browser.  Users  have  many  points  to  consider 
in  deciding  whether  to  stick  with  IE. 

Pros  Cons 


coming  Firefox  browser  and 
Thunderbird  email  client.  The 
Mozilla  Foundation  released  a 
patch  for  its  Windows  software 
only.  The  vulnerability  allowed 
attackers  to  inject  rogue  pro¬ 
grams  onto  Windows  systems. 

Chris  Hoffman,  engineering 
director  for  the  Mozilla  Found¬ 
ation,  disputes  claims  that  the 
open  source  browser  is  not 
ready  for  the  enterprise  market. 

“Mozilla  came  from  Netscape, 
which  was  used  by  a  number  of 
large  enterprises,”  he  says.  “It’s 
attractive  with  its  cross-platform 
support  and  strong  security 
architecture.” 

Mozilla  builds  its  trust  model 
around  local  applications  them¬ 
selves  and  uses  dialog  boxes  that 
let  users  approve  or  reject  any 
code  that  a  Web  site  might  try  to 
download  to  a  desktop.  “Micro¬ 
soft  hides  some  of  that  from  the 
user,”  Hoffman  says. 

Microsoft  says  changes  are 
coming,  and  the  first  will  be  in 
Windows  XP  Service  Pack  2,  due 
out  in  the  next  60  days.  Microsoft 
is  making  changes  to  IE’s 
domain/zone  security  model, 
including  a  Local  Machine  Zone 
Lockdown  that  will  prevent 
zones  from  sharing  privileges 
through  Active  X.  That  scenario 
was  part  of  the  exploit  of  the  lat¬ 
est  IE  security  hole. 


•  Standardized  desktops  ease 
support  and  maintenance. 

•  Web  sites  and  applications 
that  rely  on  proprietary 
aspects  of  IE  do  not  have  to 
be  rewritten  or  re-architected 
for  multiple  browsers. 

•  Windows  XP  Service  Pack  2, 
due  to  ship  this  summer, 
includes  features  that  will  help 
alleviate  some  of  IE’s  security 
problems,  such  as  restrictions 
of  Active  X  controls. 


Microsoft,  however,  has  not 
committed  to  making  the  same 
architectural  changes  on  older 
operating  systems.  According  to 
Gartner,  less  than  half  of  the 
Windows  client  installed  base 
runs  XP 

“We’re  evaluating  how  much 
work  it  would  take  to  do  that 
[backward-compatibility]  and 
if  users  would  deploy  it,”  says 


•  Users  balance  convenience 
against  security  until  Microsoft 
can  clean  up  its  software. 

•  Users  must  keep  up  with  a  slew 
of  patches  to  protect 
themselves  from  holes  in  IE. 

•  Changes  Microsoft  making  to 
IE  in  XP  SP2  are  not  available 
for  older  operating  systems, 
and  Microsoft  has  not 
committed  to  providing 
backward-compatibility. 


Gary  Schare,  director  of  Win¬ 
dows  client  security  for  Micro¬ 
soft.  Microsoft  also  is  planning 
new  IE  innovations  that  could 
be  released  with  its  Longhorn 
version  of  Windows,  which  is 
due  in  2007,  or  separately 
before  that  time.  ■ 

Get  more  information  online. 
DocFinder:  2784 
www.nwfusion.com 


Microsoft  aims  to  save  $1B  this  fiscal  year 


Microsoft  plans  to  save  nearly  $1  billion 
through  efficiency  improvements  and 
cost-cutting  in  its  2005  fiscal  year, 
Microsoft  CEO  Steve  Ballmer  said  in  his  annual 
strategy  e-mail  message  to  employees  last  week. 
The  company's  new  fiscal  year  started  July  1. 

Over  the  past  three  years,  expenses  at 
Microsoft  have  grown  faster  than  revenue. 

“This  is  obviously  not  a  trend  we  can  continue,” 
Ballmer  wrote.  The  company's  plan  to  save 
money  includes  better-coordinated  marketing, 
which  should  save  hundreds  of  millions  of  dol¬ 
lars,  according  to  Ballmer.  Microsoft’s  total 
operating  expenses  for  the  year  ended  June  30, 
2003,  were  $18.97  billion,  up  from  $16.46  billion 
the  previous  year. 

Ballmer  noted,  however,  that  Microsoft's  cost 
per  employee,  including  benefits  and  salary,  will 
rise  by  6%. 

Efforts  to  reduce  costs  also  have  hit  Micro¬ 
soft  employees.  The  software  maker  has  scaled 
back  employee  benefits.  But  salaries  will  go  up 
consistent  with  inflation,  and  superior  perform¬ 
ers  will  receive  bigger  raises,  he  wrote. 

"Other  companies  have  been  severe  in  tight¬ 
ening  costs  in  the  last  few  years  —  layoffs, 
major  benefit  reductions,  etc.  We  have  not  done 
these  things  and  want  to  be  prudent  now  so  we 


avoid  severe  measures  later,"  Ballmer  wrote. 

One  of  the  changes  in  employee  benefits  is 
reduced  coverage  for  prescription  medicines,  a 
Microsoft  spokesman  said.  Employees  now 
have  to  pay  part  of  the  cost  of  brand-name 
drugs  if  a  generic  alternative  is  available,  he 
said. 

Microsoft  has  to  overcome  its  *‘big  company 
ills"  with  a  “strong  focus  on  accountability  for 
results  with  customers  and  shareholders,” 
Ballmer  wrote.  He  called  upon  employees  to 
set  clear  and  measurable  goals  and  deliver  on 
those  commitments. 

Ballmer’s  e-mail  message  reflects  the  overall 
state  of  the  company,  says  Rob  Enderle,  presi¬ 
dent  of  Enderle  Group. 

“Microsoft  is  buttoning  down  for  what  un¬ 
doubtedly  will  be  a  period  of  tough  growth,  and 
Steve  is  getting  the  troops  ready  for  the  belt¬ 
tightening  to  come,"  Enderle  says.  "They  clearly 
are  concentrating  more  and  more  on  margins 
and  are  setting  some  aggressive  targets." 

In  the  e-mail  message,  Ballmer  also  laid  out 
focus  areas  for  the  company.  The  list  contains 
no  surprises  and  includes  all  of  Microsoft’s  cur¬ 
rent  product  groups.  The  key  to  growth  is  inno¬ 
vation,  Ballmer  wrote. 

—  Joris  Evers,  IDG  News  Service 
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MIDDLEWARE  IS  IBM  SOFTWARE.  Powerful  software 

like  Tivoli®  and  WebSphere®  And  it’s  at  the  heart  of  solving 
what  analysts  call  the  key  issue  of  2004:  automation. 

IBM  middleware  is  open  and  can  deliver  it  all  at  a  pace 
to  match  your  needs.  It  anticipates  problems,  responds 
to  change  and  optimizes  resources.  And  it  all  leads  to 
meeting  business  goals.That’s  ON  DEMAND  BUSINESS. 

1.  Increased  ATM  activity  detected  instantly. 

2.  Identities  confirmed  securely. 

3.  Online  banking  increases  dramatically. 

4.  IT  resources  optimized  dynamically. 

5.  Bank  serves  customers  easily. 

Learn  more  about  middleware  and  IBM’s  leadership  role  in  automation  at  ibm.com/middleware/autornate 
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continued  from  page  1 

petroleum  truck  drivers,”  says  Jason 
Hittleman,  vice  president  of  information 
systems  at  the  Romulus,  Mich.,  company. 

Despite  promises  from  carriers  to  keep 
numbers  private,  there  are  concerns  about 
how  the  numbers  will  be  kept  private  once 
they  are  part  of  a  database. 

“if  these  numbers  became  available  to 
the  public,  our  drivers  could  begin  receiv¬ 
ing  unsolicited  phone  calls,  which  could 
distract  them  from  the  road,”  he  says. 

Federal  and  state  legislation  is  in  the 
works  aimed  at  keeping  a  close  check  on 
how  the  carriers  handle  this  service.  One 
federal  bill  —  the  Wireless  4 1 1  Privacy  Act 
—  mandates  that  carriers  stick  to  their 
promise  that  only  those  opting  in  will  be 
listed  and  that  no  one  will  be  charged.The 
bill  also  stipulates  that  the  database  of 
mobile  numbers  never  be  published  or  dis¬ 
tributed. 

The  CTIA  says  such  legislation  is  prema¬ 
ture. 

“It’s  unnecessary  because  we  haven’t 
done  anything  wrong,” says  John  Walls,  vice 
president  of  public  affairs  at  CTIA.  In  the 
competitive  wireless  services  market,  if  a 


carrier  does  something 
to  irritate  its  customers, 
they  have  the  option  to 
take  their  business  and 
phone  numbers  else¬ 
where,  which  is  more 
effective  than  legislation 
as  a  deterrent,  he  says. 

The  critics  remain  un¬ 
moved  by  such  logic. 

“Customers  see  opt-in 
as  a  disingenuous  foot-in- 
the  door,  leading  to  ‘opt- 
out’  clauses  and  fees  for 
not  publishing  a  num¬ 
ber,”  Verizon  Wireless’ 

Strigl  said  last  month 
addressing  The  Yankee 
Group’s  2004  Wireless 
Leadership  Summit.  “Nor 
does  opt-in  allow  cus¬ 
tomers  any  degree  of 
control  over  how  and  to 
whom  their  information 
is  revealed.  They  either 
keep  full  privacy  or  face 
full  exposure  with  nothing  in-between.” 

One  analyst  says  some  user’s  numbers 
already  might  be  in  queue  to  be  included 
in  such  a  directory 


■  BY  TIM  GREENE 

Tablus  is  upgrading  software  for  its  secu¬ 
rity  appliances  so  a  single  device  can  pre¬ 
vent  more  corporate  data  deemed  sensi¬ 
tive  from  leaving  the  network  undetected. 

The  company’s  Content  Alarm  appli¬ 
ances  scan  data  as  it  moves  across  cor¬ 
porate  networks  and  can  trigger  alarms 
if  unauthorized  files  and  other  digital 
resources  are  being  moved  out  of  the 
network. 

The  new  version  of  Tablus’  software  uses 
a  more  efficient  sorting  algorithm  so  the 
appliance  can  protect  up  to  eight  times 
more  data  than  before,  according  to  CEO 
Jim  Nesbit.The  new  software  supports  sort¬ 
ing  up  to  200G  bytes  of  data, up  from  about 
25G  bytes  in  the  previous  version, he  says.  It 
could  handle  even  more  but  would  run  the 
risk  of  reporting  false  positives,  he  says. 

Content  Alarm  boxes  attach  to  monitor¬ 
ing  ports  of  routers  that  are  physically  close 
to  WAN  connections  and  search  traffic  for 
sensitive  data.  The  appliances  provide 
audits  of  when  this  data  is  moved  and  who 
sent  it.The  audits  can  be  searched  by  date, 
sending  client  or  protocol, and  they  can  be 
used  to  meet  regulatory  requirements  for 
tracking  movement  of  data  that  is  sup¬ 
posed  to  be  kept  confidential. 

Such  appliances  fall  into  a  relatively  new 


product  area  in  which  many  start-up  com¬ 
petitors,  including  Reconnex,  Verdasys, 
Vidius  and  Vontu,  use  slightly  varying  tech¬ 
nologies  to  accomplish  the  same  goals. 

Being  able  to  sort  through  large  volumes 
of  data  is  essential  to  protecting  intellec¬ 
tual  property,  says  Peter  Christy,  an  analyst 
with  NetsEdge  Research.  The  broader  the 
body  of  data  that  can  be  searched,  the 
more  that  can  be  protected. “If  you’re  very 
precise  about  what  you’re  looking  for,  then 
you  don’t  protect  very  much.  Throughput 
is  ke/  he  says. 

It  is  important  to  remember  that  this 
class  of  appliance  doesn’t  enforce  secur¬ 
ity  but  alerts  network  security  staff  that 
possible  breaches  have  occurred.  En¬ 
forcement  by  an  appliance  can  be  a  prob¬ 
lem  if  it  registers  too  many  false  positives 
and  blocks  traffic  that  it  shouldn’t. 
“Security  systems  can  fail  by  impeding 
useful  work,”  Christy  says. 

Notification  of  possible  breaches  is 
important.  “Part  of  a  mature  security  sys¬ 
tem  is  getting  everyone  doing  the  right 
thing,”  he  says.“It  is  key  to  know  what  hap¬ 
pened  so  you  can  get  the  problem  under 
control.” 

Tablus’ Content  Alarm  appliances  start  at 
$29,000,  and  the  software  upgrade  comes 
standard  with  new  purchases.  Current  cus¬ 
tomers  will  receive  a  free  upgrade.  ■ 


STAN  BAROUH 


fcl  Let's,  as  an  industry, 
stop  pushing  something 
on  customers  that  they 
clearly  don’t  want  It’s 
a  dumb  idea.19 

Denny  Strigl 

CEO.  Verizon  Wireless 
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“Business  users  and 
consumers  may  have 
already  given  away  their 
rights  to  privacy  in  their 
contracts,”  says  Bob 
Egan,  president  of  con¬ 
sulting  firm  Mobile  Com¬ 
petency  Users  might  find 
language  in  their  con¬ 
tracts  that  let  their  carrier 
publish  their  number  in 
a  directory  if  one  is 
developed,  he  says. 

The  directory  proposal 
has  supporters  other 
than  the  service  pro¬ 
viders  that  stand  to  profit 
from  it.  Hawaii  Home 
Loans  is  an  all-wireless 
business  with  80  wireless 
voice  and  65  wireless 
data  users. 

“We  could  see  the  ben¬ 
efit  of  having  a  wireless 
directory  include  all  of 
our  business  numbers,” 
says  Leonard  Loventhal,  a  senior  vice  pres¬ 
ident  at  the  Honolulu  company  Such  a 
directory  could  make  the  company’s 
employees  more  accessible  to  clients,  he 
says.  Loventhal  says  he  does¬ 
n’t  have  concerns  about  pri¬ 
vacy  because  all  the  compa¬ 


ny’s  wireless  numbers  already  are  included 
in  advertising  and  printed  on  letterhead. 

Business  customers  concerned  about 
the  directory  should  stipulate  that  none  of 
the  telephone  numbers  associated  with 
their  contract  ever  be  included  in  a  wire¬ 
less  directory, says  Phil  Redman,  analyst  at 
Gartner.  In  addition  to  that  stipulation  in 
the  contract,  users  should  consider  insti¬ 
tuting  policies  that  let  employees  know 
exactly  where  the  company  stands  on  this 
issue,  he  says. 

RKA  Petroleums  Hittleman  agrees. 

“I  would  institute  a  very  strict  policy  to 
prevent  [employees]  from  publishing  num¬ 
bers  in  such  a  directory  Hittleman  says. 
“We  would  adopt  this  policy  under  our  cor¬ 
porate  handbook  and  tie  it  in  to  issues  sur¬ 
rounding  privacy  and  confidentiality 

The  only  customers  who  do  not  need  to 
worry  about  being  included  in  the  direc¬ 
tory  are  those  using  Verizon  Wireless. 
Because  the  carrier  says  it  will  not  partici¬ 
pate,  even  Verizon  Wireless  customers 
who  might  want  their  name  included  in 
the  directory  will  not  have  that  option. 

But  the  service  provider  points  out  that 
wireless  users  could  choose  to  have  their 
wireless  phone  numbers  listed  in  any 
standard  white-pages  directory  as  a  sec¬ 
ond  line.  Users  typically  pay 
about  $2  per  month  for  this 
listing.  ■ 
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LAN/WAN  SWITCHES  AND  ROUTERS 
ACCESS  DEVICES  ■  SERVERS  ■  VPNS 
OPERATING  SYSTEMS  ■  NETWORKED  STORAGE 
VOIP  ■  WIRELESS  NETWORKS 


Dell  continues  network  battle 


■  BY  JENNIFER  MEARS 

Two  years  ago,  Jim  Barry  was  scratching 
his  head  over  Dell’s  decision  to  enter  the 
switching  market.  Today,  the  CIO  at 
OneUnited  Bank  in  Boston  has  deployed  a 
number  of  Dell  switches  to  complement 
the  Dell  servers  and  storage  arrays  he  has 
had  in  place  for  about  four  years. 

Barry  started  buying  the  switches  in 
January  after  getting  some  trial  switches 
thrown  in  for  free  with  a  server  purchase. 

“They  performed  well  and  have  proven 
to  be  a  low-cost  and  reliable  solution,” 
Barry  says.  “We  will  look  to  them  for  our 
future  needs. This  is  in  part  due  to  [Dell’s] 
competitive  pricing  and  feature  set,  and 
then  also  due  to  our  desire  to  work  with  a 
single  source.” 

It’s  this  type  of  customer  thinking  that  is 
helping  Dell,  better  known  for  its  servers 
and  PCs,  make  inroads  in  a  market  Cisco 
has  long  dominated.  Dell  is  targeting 
small  and  midsize  businesses  (SMB)  and 
aims  to  be  a  one-stop  shop  for  these  cus¬ 
tomers  when  it  comes  to  servers,  PCs,  stor¬ 
age  and  network  gear, says  Rick  Froehlich, 
director  of  FbwerConnect  for  Dell. 


■  Unitrends  Software  last  week 
unveiled  storage  systems  to  help 
small  and  midsize  businesses  protect 
their  data.  The  Data  Protection  Units 
are  available  in  desktop  or  rack- 
mountable  configurations  and  include 
data  backup-and-restore  software 
and  scalability  to  as  much  as  20T 
bytes.  They  include  the  ability  to  per¬ 
form  disk-to-disk  backup  and  can  be 
configured  as  a  near-line  vaulting 
product.  The  DPUs  support  a  variety 
of  operating  systems,  including 
Windows,  Linux,  NetWare,  Solaris  and 
UnixWare.  They  also  feature  a  com¬ 
pression  technology  called  RX9  that 
lets  data  backups  and  restores  be 
done  in  a  fraction  of  the  time  of  tape- 
based  alternatives.  The  DPUs  are 
available  in  many  configurations,  scal¬ 
ing  from  250G  bytes  to  more  than  20T 
bytes.  Pricing  starts  at  $4,500. 


Analysts  note  that  larger  companies  also 
are  starting  to  look  to  Dell  for  low-cost, stan- 
dards-based  switches  primarily  for  edge 
deployments  in  workgroup  and  branch- 
office  environments.  But  customers  who 
want  advanced  features  such  as  VoIP  or 
heavy-duty  reliability  for  backbone  switch¬ 
ing  won’t  be  looking  at  Dell. 

“Dell  has  moved  in  this  market  as  expect¬ 
ed,”  says  David  Willis,  an  analyst  at  Meta 
Group.“The  impact  for  larger  vendors  real¬ 
ly  is  secondary . . .  Dell  drives  the  commod¬ 
ity  perception  and  pricing  goes  down.That 
ultimately  hurts  the  larger  vendors  like 


Cisco.  Cisco  tries  to  fight  the  perception 
that  networks  have  commoditized.  It’s  hard¬ 
er  to  sell  at  a  price  premium  if  customers 
think  their  gear  is  like  everybody  else’s.” 

Dell  has  no  illusions  about  where  it’s  best 
positioned.  It  is  making  efforts  to  move 
deeper  into  the  network,  but  is  careful  to 
enter  markets  where  standardization  has 
happened  or  is  well  underway  For  exam¬ 
ple,  earlier  this  year  it  expanded  its  line  of 
switches  with  the  6000  series,  its  first  man¬ 
aged  Layer  3  switch  geared  for  the  core  of 
small  networks  and  branch  offices  or  to  act 
as  an  aggregator  in  wiring  closets  for  larger 


companies.  Froehlich  wouldn’t  say 
whether  a  Layer  4-7  switch  is  coming  and  if 
Dell  plans  to  integrate  features  such  as  VoIP 
into  its  switches. 

“We’re  going  to  stick  to  our  knitting  a  bit 
here,”  Froehlich  says. “We  have  a  lot  of  run¬ 
way  left  in  these  markets,  and  my  feeling  is 
we’ve  got  plenty  of  other  SMB  opportuni¬ 
ties  around  the  world  we  need  to  pene¬ 
trate.  I  see  tons  of  opportunity  for  us  to  con¬ 
tinue  to  aggressively  grow  without  getting 
outside  the  bounds  of  what  we  think  is 
standardized  and  standardizing  right  now” 

See  Dell,  page  18 


Siemens  exec  talks  up  VoIP 


Siemens  made  Andy  Mattes  CEO  of 
its  US.  enterprise  operations  in  May, 
and  a  big  part  of  his  job  will  be  to 
increase  the  company's  market 
share  in  enterprise  VoIP  (Inf oTech 
had  Siemens  in  fourth  place  in  the 
US.  IP  telephony  market  last  year, 
behind  Cisco,  Avaya  and  Nortel.) 
With  the  debut  of  its  HiPath  8000  in 
May,  the  vendor  outlined  its  blue¬ 
print  for  mnning  VoIP  as  a  network  application  via 
standards-based  IBM  servers  mnning  Session 
Initiation  Protocol  and  Linux.  Mattes  recently  talked 
with  Network  World  Senior  Editor  Phil  Hochmuth 
about  the  challenges  Siemens  faces  in  the  conver¬ 
gence  market. 


What  are  some  of  the  m^jor  holdups  or  issues  that  prevent  corpo¬ 
rations  from  migrating  to  IP  telephony? 

Getting  a  financial  person  in  a  [company]  to  believe 
in  the  technology  is  key  Without  that,  you  won’t  get  an 
investment,  no  matter  what  industry  you’re  in.  Until  a 
CXO,or  usually  the  CFO,  sees  the  benefits  there  in  terms 
of  the  bottom  line,  they  won’t  invest  into  any  type  of  new 
technology  ...  .As  long  as  the  industry  only  pushes  the 
technology  and  not  the  business  case,  then  the  end  user 
won’t  see  the  benefit  if  their  calls  run  over  an  IP  network 
vs.  a  TDM  network. 

Many  rr  professionals  say  its  hard  to  quantify  the  productivity 
gains  promised  by  IP  telephony  technology.  What  do  you  say 
to  them? 


I  believe  ‘killer  application’  is  an  over-used  term,  but  pres¬ 
ence  is  a  key  driver.  If  two  people  are  trying  to  reach  each 
other,  leaving  messages  back  and  forth  at  the  office  —  on 
cell  phones,  with  secretaries  and  on  BlackBerries  and  so 
forth  —  they  could  go  back  and  forth  for  or  five  times.They 
are  also  paying  a  network  provider  four  or  five  times  on 
each  try  Presence  can  make  sure  that  important  people  are 
accessible.The  system  will  find  the  person  on  the  device 
[he]  wants  to  work  with.This  will  reduce  the  calls,  the  mes¬ 
sages  and  the  network  charges  dramatically ...  If  you  have  a 
1,000-user  company, you  can  easily  run  a  phone  bill,  with 
cell  phones,  up  to  $2  million. With  a  presence  infrastruc¬ 
ture,  you  can  probably  cut  that  in  half  —  not  because  you 
are  talking  less,  but  because  you  are  making  things  more 
efficient. 

Siemens  has  no  data  products  or  close  partnerships  with  data 
vendors.  Meanwhile,  many  of  your  IP  telephony  competitors  - 
3Com,  Avaya,  Cisco,  Nortel  -  either  have  a  full  data  portfolio  or 
have  made  complementary  partnerships  [as  with  Avaya  and 
Extreme  Networks].  Are  there  any  partnership  or  acquisition  plans 
in  the  works  for  Siemens? 

Our  IP  telephony  products  operate  independent  of  the 
network.That  s  always  been  our  approach.  Users  are  limit¬ 
ing  themselves  if  they  just  think  of  communications  as  an 
add-on  to  a  LAN  switch  or  router. You  want  to  think  of  it  as 
a  true  IT  application  that  can  run  like  an  application. 

Our  vision  is  to  integrate  communications  into  the  busi¬ 
ness  process  workflow  and  not  the  network  itself.  For  this 
integration, your  products  have  to  work  with  all  the  other 
stuff  that’s  around  them. . . .  Unless  [your  products]  are  stan¬ 
dards-based,  then  integration  into  other  things  around  you 
becomes  more  complicated. 


See  Siemens,  page  18 
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Microsoft  launched  a  “new  and 
improved"  search  facility  at  msn. 
com  a  few  weeks  ago,  and  many 
people  seemed  to  positively  gush  about 
how  wonderful  it  is.  But  is  it? 

In  Network  World's  story  on  the  launch 
www.nwfusion.com,  DocFinder:  2774), 
Gartner  analyst  Allen  Weiner  said, “The  pri¬ 
mary  enhancement  you’ll  find  is  in  its  inter¬ 
face,  in  the  look  and  feel:  a  cleaner  site  that 
allows  for  a  friendlier  user  experience.”  He 
got  that  right.  Following  on  the  heels  of 
Yahoo,  MSN’s  search  results  now  also  look 
like  a  pale  rip-off  of  Google:  search  results 


Searching  for  the  ideal  search  engine 


on  the  left,  ads  on  the  right, sponsored  links 
at  the  top  —  all  in  soft,  cool  colors. There’s 
none  of  the  glitz  and  clutter  of  MSN’s  home 
page,  which  can  be  somewhat  jarring  as 
you  move  back  and  forth  between  them. 

But  let’s  face  it,  the  test  of  a  search  engine 
is  in  the  results,  not  in  the  page  design. 
Putting  lipstick  on  a  pig  doesn’t  change 
that  it’s  still  a  pig. 

1  was  getting  ready  to  spend  the  Fourth  of 
July  weekend  in  the  Northern  California 
town  of  Point  Arena,  so  I  thought  it  might 
be  worthwhile  to  use  a  search  on  the 
town’s  name  as  a  comparison  item 
between  MSN  and  Google.  So  I  entered 
“Point  Arena”  (with  the  quotes,  as  Google 
has  taught  us  to  do  with  phrases)  into  the 
MSN  search  box.  The  result  is  <  Sorry  no 
results  were  found  containing  ““point 
arena””>.  Note  the  two  sets  of  quotes 
around  the  name.  I  re-entered  the  phrase 


without  quotes,  and  MSN  quickly  returned 
results  —  more  than  860,000  of  them! 
(Google,  by  comparison,  returns  86,000  on 
“Point  Arena” with  the  quotes). MSN  includ¬ 
ed  “Flashpoint  Arena”  as  result  No.  7,  which 
is  some  sort  of  game  site  and  has  nothing 
to  do  with  any  California  city 

So  1  then  click  on  “advanced  search”  and 
choose  “exact  phrase”  as  the  thing  to 
search  on.  This  retrieves  12,000  results — 
but  still  includes  the  “Flashpoint  Arena”site 
(still  No.  7)!  At  least  all  20  results  on 
Google’s  first  results  page  are  relevant.  (By 
the  way  Yahoo  returned  about  61,000  re¬ 
sults  of  which  the  top  20  were  all  relevant.) 

I’ll  agree  that  MSN’s  new  search  results 
pages  look  very  nice.  But  when  1  want  fast, 
accurate,  relevant  results,  I’ll  stick  with  my 
Google,  thanks. 

Kearns,  a  former  network  administrator, 


is  a  freelance  writer  and  consultant  in 
Silicon  Valley.  He  can  be  reached  at 
wired@vquili.  com. 
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Tip  of  the  Week 


It's  a  busy  July  for  this 
peripatetic  pundit  as  I  put 
in  appearances  at  the 
Catalyst  conference  (San 
Diego),  Open  Source  Confer¬ 
ence  (Portland,  Ore.)  and 
LinuxWorld  (San  Francisco). 
Stop  me  in  the  aisles  and 
tell  me  what  you'd  like  to 
hear  more  about  (or  less 
about,  for  that  matter). 


. 


Looking  to  switch 


Dell  is  making  inroads  in  the  low-end  switching  market  as  its  low-cost,  direct  sales  model  puts  pricing  pressure 
on  bigger  players.  A  look  at  Dell’s  switch  history: 


July  2001 

Announces  plans  to  roll  out 
a  line  of  network  switches 
for  the  SMB  market. 


June  2002 

Introduces  its  first  switches  with  advanced 
management  and  multilevel  QoS,  the 
PowerConnect  3248  and  the  PowerConnect  5224. 


September  2003 

Offers  new  management  software,  Dell 
OpenManage  Network  Manager,  to  simplify 
management  of  PowerConnect  switches. 
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April  2003 - 

Announces  the  PowerConnect  5212  GigE 
switch,  the  PowerConnect  3348 
and  3324  Fast  Ethernet  switches, 
all  with  advanced  management 


and  security  features. 


2004 


January  2004  - 

Jumps  into  the  core  switching  fray  and  rolls 
out  new  Layer  3  GigE  switches, 
the  PowerConnect  6024  and 
6024F,  both  of  which  support 


PowerConnect  6024  and  6024F  advanced  routing  protocols. 
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Siemens 

continued  from  page  17 

You  say  Siemens'  products  will  run  on 
any  network.  But  isn't  there  some 
advantage  to  having  technologies  run¬ 
ning  on  switches  and  routers  that  opti¬ 
mize  VoIP? 

I  say  au  contraire.When  you’re 
network-agnostic,  you’re  more 
open.  If  a  customer  wants  to  go 
voice  over  Wi-Fi  instead  of  a  LAN, 
that’s  fine.  If  customer  wants  to  do 
3G  on  mobiles,  that’s  fine. We  can 
provide  the  same  application  inde¬ 
pendent  of  the  network.  End  users 
want  the  flexibility  to  choose  their 
networks.The  driving  force  for 
choosing  a  network  should  not  be 
whether  it  will  support  a  certain 
[IP  voice  system] .  IP  telephony 
should  provide  the  productivity  on 
top  of  an  optimized  network.  It 

I  should  not  be  a  pull-through  tech¬ 
nology  for  a  network  vendor. 

What  will  be  your  biggest  challenge  in 
growing  Siemens'  market  share  vs. 
Cisco  and  others? 

Making  sure  that  the  [business] 
coming  our  way  is  executed  and 
[the  products  are]  installed  prop¬ 
erly.  Growth  in  itself  is  a  challenge. 
But  we  have  a  unique  opportunity. 

A  big  advantage  for  us  is  that  we 
can  also  integrate  into  vertical  mar¬ 
kets  where  my  colleges  in  other 
Siemens  divisions  have  a  strong 
presence  —  such  as  manufactur¬ 
ing,  healthcare  or  building  tech¬ 
nologies.  One  example  might  be  an 
end-to-end  vertical  solution  for  a 
hotel  or  stadium. That’s  an  addition¬ 
al  opportunity  where  I  could  bring 
big  Siemens  into  play.B 


September  2001 

Unveils  Gigabit  Ethernet  and  Fast 
Ethernet  PowerConnect  switches  — 
the  PowerConnect  5012,  PowerConnect 
3024  and  PowerConnect  2024. 


Dell 

continued  from  page  17 

It’s  this  commitment  to  stick  to  commod¬ 
ity  markets  that  is  helping  Dell  make 
inroads  with  its  switch  business,  which  uses 
the  same  direct  sales,  low-pricing  approach 
that  has  brought  it  success  in  other  areas. 

While  falling  into  the  “other”  category  in 
terms  of  market  share  two  years  ago,  the 
firm  now  has  about  3%  of  the  per-port  LAN 
switching  market,  according  to  the  latest 
report  from  Synergy  Research  Group. 

When  revenue  is  considered,  however, 
Dell’s  market  share  drops  to  less  than  1%, 
not  surprising  because  Dell’s  strength  has 
always  been  its  ability  to  undercut  pricing. 
When  it  entered  the  market  in  fall  of  2001,  it 
introduced  switches  priced  as  low  as  $100 
per  Gigabit  Ethernet  port,  about  half  of  the 
average  $219  per  port  pricing  at  that  time. 

Today,  Dell  has  dropped  per-port  pricing 
to  as  low  as  $20  for  managed  Fast  Ethernet 
switches.  Its  managed  Layer  3  switch,  the 
PowerConnect  6024,  starts  at  $210  per 
Gigabit  Ethernet  port.  By  contrast,  Cisco’s 
Catalyst  3750  was  priced  starting  at  about 
$250  per  10/1 00/ 1 000M  bit/sec  port  when  it 
was  introduced  last  year. 

The  good  news  for  Dell  is  that  it  is  one  of 


a  handful  of  companies  that  saw  its  LAN 
switching  revenue  grow  last  year,  expand¬ 
ing  38%  over  2002,  according  to  Synergy 
Research. 

Dell  doesn’t  break  out  revenue  for  its  net¬ 
work  group,  but  the  company  that  ranked 
fourth  on  the  NW200  with  $4 1  billion  in  rev¬ 
enue  in  2003  brought  in  about  $84  million 
in  LAN  switching  revenue  in  2003,  up  from 
$61  million  in  2002,  according  to  Synergy 

Analysts  expect  Dell  to  continue  its 
steady  growth  in  the  SMB  markets  and 
even  with  workgroup  and  branch-office 
deployments  in  large  corporations.  But  if 
Dell  aims  to  expand  its  network  business 
—  and  it  seems  to  given  its  move  into  man¬ 
aged  Layer  3  switching  —  it  needs  to  con¬ 
tinue  to  add  advanced  management  capa¬ 
bilities  and  begin  looking  at  other  areas 
such  as  firewalls,  routers  and  IP  telephony, 
analysts  say 

“While  the  vendor  is  currently  swimming 
with  the  bottom  feeders,  it  clearly  has  its 
sights  set  on  gaining  market  share  from 
these  first-tier  vendors  [such  as  HP  and 
Cisco]  ”  Stan  Schatt,  an  analyst  at  Forrester 
Research,  wrote  in  a  report  on  the  SMB 
switching  market  earlier  this  year.To  break 
the  bonds  of  a  mere  commodity  status, 
however,  there  are  still  some  key  areas  Dell 


needs  to  address.” 

Those  areas  include  support  for  VoIP; 
integration  of  wireless  LAN  technology 
including  Power  over  Ethernet;  enhanced 
network  management  features;  and  more- 
sophisticated  security  capabilities  such  as 
support  for  IEEE  802. lx  or  user-identity- 
based  profiles,  Schatt  says. 

Dave  Bobzien,  regional  technology  man¬ 
ager  at  commercial  real  estate  firm  Colliers 
International  in  Seattle,  says  he  is  happy 
with  the  switching  capabilities  he  gets  from 
Dell.  After  having  problems  with  a  larger 
vendor,  Bobzien,  who  also  uses  desktops, 
notebooks  and  servers  from  Dell,  opted  to 
give  the  new  Dell  switches  a  try  in  2002. 

Today  Bobzien  has  transitioned  nearly  all 
his  region’s  12  offices  to  Dell  switches  and 
expects  to  complete  the  migration  in  the 
next  few  months.  He  says  by  moving  to  Dell 
he  has  cut  his  switching  costs  nearly  in  half. 

“When  all  was  said  and  done,  for  the 
same  number  of  ports  and  uplink  and 
everything  else,  the  other  vendor  was 
$  1 ,700, and  that  was  with  90  days  telephone 
support,”  he  says.  “The  Dell  switch  was 
slightly  under  $1,000  at  the  time  —  and 
they’ve  dropped  in  price  since  then  —  and 
that  was  with  24-7  support  for  three  years,” 
he  says.  ■ 


In  an  extreme  world... 
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10  gigabit  uplink  option 


THE  SUMMIT®  400  -  THE  PEAK  OF  NETWORK  PERFORMANCE 


Extreme  Networks  is  revolutionizing  the  networking  industry  with 
the  highest  performance  Layer  3  10/100/1000  fixed  configuration 
edge  switch,  with  the  industry's  first  and  only  modular  10  gigabit 
uplink  option.  The  Summit  400,  designed  for  enterprise  networks 
deploying  gigabit  to  the  desktop,  enables  customers  to  fearlessly 
deploy  Gigabit  Ethernet  to  the  edge  today,  and  have  the  added  peace 
of  mind  that  they  can  fully  performance-enable  their  wiring  closet 
infrastructure  through  future  upgrades.  How’s  that  for  a  switch ? 


GO  BEYOND 

WITH  EXTREME  NETWORKS 

Contact  Extreme  Networks  at 
1.888.257.3000  or  visit  us  on  the  web  c‘l 

www.extremenetworks.com/go/sum400.f5tni 


©  2004  Extreme  Networks,  Inc  All  K ignis  Beserveo 
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LOGY  INVESTIVIE 


Introducing  DuPont™  certified  limited  combustible  cable.  In  the  event  of  a  fire,  securing  your 
business'  uptime  is  crucial.  The  data  communications  cable  you  choose  could  play  a  key  role  in 
protecting  your  network  technology  investment.  DuPont™ certified  cable  produces  20  times  less  smoke 
than  other  plenum  rated  cables.  And  less  smoke  means  less  costly  downtime,  making  it  the  most 
advanced  fire  safety  cable  technology  available  today.  To  learn  more  about  DuPont ™  certified  limited 
combustible  cable  or  to  request  a  free  CD,  log  on  to  teflon.com/cablingmaterials  or  call  1-800-207-0756. 
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The  miracles  of  science” 


■  PORTALS  ■  MESSAGING/GROUPWARE 

■  E-COMMERCE  ■  SECURITY 

■  MIDDLEWARE  ■  DIRECTORIES 

■  NETWORK  AND  SYSTEMS  MANAGEMENT 

■  WEB  SERVICES 


■  Configuresoft  last  week  unveiled 

upgrades  to  its  Security  Update 

Manager  2.5,  which  lets  companies 
distribute  patches  and  software 
updates  across  firewalls  via  HTTP. 
Previously,  companies  needed  to  mod¬ 
ify  firewall  configurations  to  distribute 
software  outside  a  LAN.  The  feature 
also  works  across  the  client-side  fire¬ 
wall  that  is  turned  on  by  default  in  the 
Windows  XP  Service  Pack  2.  SUM  2.5, 
a  module  for  Configuresoft’s 
Enterprise  Configuration 
Manager,  also  is  integrated  with 
ECM  Remote  for  automatic  patching 
of  mobile  devices.  Pricing  for  SUM  2.5 
starts  at  $25  per  server  and  $5  per 
workstation. 

■  Coyote  Point  Systems  last 
week  rolled  out  a  load-balancing 
Secure  Sockets  Layer  acceleration 
appliance  that  uses  Dell  servers  to 
deliver  Coyote  Point  technology. 
Coyote  Point  is  offering  the  Equal- 

.  izer  Extreme  on  a  Dell  PowerEdge 
1750  server.  The  Equalizer  Extreme 
can  handle  1G  bit/sec  of  bandwidth 
and  12  million  concurrent  sessions. 
The  product  sits  at  the  edge  of  a 
data  center  network  and  balances 
traffic  among  Web  and  application 
servers.  It  can  offload  SSL  encryp¬ 
tion  from  servers  and  perform  Layer 
4-7  load  balancing.  The  product  costs 
$10,000. 

■  The  free  e-mail  stampede  contin¬ 
ued  last  week  with  another  Internet 
company  taking  on  Google's  Gmail 
offering  with  its  free  iG-byte  e-mail 
service.  Israeli  Web  portal  provider 
Walla  Communications  has 
launched  WallaMail,  a  service  that 
offers  tools  such  as  in-box  search,  an 
e-mail  filtering  system  and  an  anti¬ 
virus  application.  It  offers  enough 
space  to  archive  40,000  e-mails,  2,000 
pictures  and  50  one-minute  video 
clips,  the  company  says.  WallaMail  is 
the  latest  entrant  in  the  e-mail  stor¬ 
age  market,  which  includes  Yahoo 
and  Lycos.  Sign  up  is  available  at 
www.walla.com.The  company  plans 
to  offer  an  ad-free  version  of  its  ser¬ 
vice  for  about  $15  per  year. 


Tools  help  manage  domain  names 


■  BY  CAROLYN  DUFFY  MARSAN 

With  thousands  of  brands  and  decen¬ 
tralized  business  operations,  The  Hearst 
Corp.  was  having  trouble  managing  its 
portfolio  of  more  than  1,500  domain 
names. 

Important  domain  names  had  acciden¬ 
tally  expired.  Speculators  had  snapped  up 
other  names,  prompting  expensive  legal 
action.  Hearst  employees  who  were  listed 
as  billing,  technical  and  administrative 
contacts  on  domain  name  registrations 
had  left  the  company,  so  renewal  notices 
weren’t  being  received. 

To  fix  the  problem, Hearst  has  outsourced 
the  management  of  its  domain  name  port¬ 
folio  to  VeriSign.  Now  VeriSign  automatical¬ 
ly  renews  Hearst’s  domain  names  using 
standard  contact  information  and  provides 
a  consolidated  monthly  bill. 

Hearst  is  not  alone.  More  companies  are 
turning  to  service  providers  such  as 


VeriSign  and  Arcemus  (with  its  purchase 
of  Iron  Mountain  in  May)  to  manage  their 
growing  domain  name  portfolios. 

Meanwhile,  companies  that  want  to  man¬ 
age  their  own  domain  name  portfolios  can 
choose  from  software  packages  such  as 
Name  Stalker,  Watch  My  Domains  Pro  and 
Domain  Punch  Professional,  and  beefed- 
up  Web-based  reporting  and  alerting  tools 
from  domain  name  registrars. 

“Companies  have  more  and  more 
names  to  manage.  What  they  were  finding 
was  that  they  had  lost  control  over  what 
they  had,”  says  Champ  Mitchell,  CEO  of 
Network  Solutions,  a  leading  domain 
name  registry  for  U.S.  corporations. 

That’s  what  happened  to  Hearst.  The 
New  York  media  conglomerate  had  about 
100  people  registering  and  renewing 
domain  names  for  its  magazines,  newspa¬ 
pers,  cable  networks,  television  and  radio 
stations. 

“We’re  a  very  brand-intensive  organiza- 


fci  Companies  have  more 
and  more  names  to  man¬ 
age.  What  they  were  find¬ 
ing  was  that  they  had 
lost  control  over  what 
they  had.  99 

Champ  Mitchell 

CEO,  Network  Solutions 

tion,”  says  Peter  Rowlinson,  CTO  of  Hearst 
Business  Media.  “We  were  managing  our 
domain  names  in  a  semi-autonomous 
fashion. We  have  multiple  divisions,  and  we 
had  struggled  with  setting  up  policies  and 
procedures  and  communicating  those.” 

So  Hearst’s  IT  Strategy  Team  set  up  a 
See  Domain  names,  page  22 


Qovia  ready  to  take  on  VoIP  spam 


■  BY  CARA  GARRETSON 

Hoping  to  get  a  jump  on  VoIP  spam 
before  it  overwhelms  corporate  net¬ 
works,  management  tool  maker  Qovia 
plans  to  release  software  designed  to 
block  unwanted  voice  messages  sent 
over  IP  networks. 

While  acknowledging  that  VoIP  spam 
isn’t  yet  creating  the  headaches  that  tradi¬ 
tional  e-mail  spam  has,  Qovia  plans  to 
develop  a  tool  that  blocks  unwanted 
voice  mail  messages  so  when  spammers 
begin  blasting  IP  networks  with  multiple 
copies  of  a  voice  recording,  administra¬ 
tors  will  be  able  to  defend  their  users’ 
voice  mailboxes,  says  Richard  Tworek, 
CEO  of  Qovia.  In  late  June  the  company 
filed  a  patent  application  for  a  method  of 
detecting  and  blocking  VoIP  spam,  and 
plans  to  release  a  tool  to  implement  that 
technology  by  year-end. 

“By  no  stretch  has  [VoIP  spam]  slowed 
down  the  VoIP  industry  Most  buyers  are 
enterprises  using  it  between  branches 
and  campuses,”  Tworek  says.  But  with  the 
adoption  of  VoIP  networks  about  to  take 
off,  the  company  expects  its  anti-spam 
tool  will  help  stem  the  tide  of  VoIP  spam 
that’s  likely  to  swell  as  the  technology 
becomes  more  popular.  “We’re  getting 


ahead  of  this  one,”  he  says. 

It’s  inevitable  that  spam  will  infiltrate 
VoIP  networks,  just  as  it  has  the  Internet 
and  text-messaging  networks,  says  Winn 
Schwartau,  president  of  The  Security 


VoIP  in  volume 

By  2008, 

25% 

of  the  world’s  telephony  lines 
will  be  IP  based,  according  to 
The  Radicati  Group. 


Awareness  CompanyTIt’s  the  opening  up 
of  the  whole  IP  world  to  a  different  type 
of  spam,”  he  says,  adding  that  he’s 
already  received  voice  spam  on  his  cell 
phone.  “It’s  going  to  be  huge,  and  com¬ 
panies  like  Qovia  are  going  to  do  real 
well.” 

What  makes  sending  commercial  mes¬ 
sages  over  VoIP  networks  appealing  to 
spammers  is  that,  much  like  e-mail  spam, 
it  can  be  done  quickly  and  inexpensively. 
Using  a  VoIP  network,  spammers  can 


record  one  voice  mail  message  and  send 
it  to  hundreds  of  thousands  of  IP  address¬ 
es,  where  it  appears  in  users’  voice  mail¬ 
boxes, Tworek  says. 

Qovia’s  anti-spam  tool,  which  will  be 
released  by  year-end  as  a  security  module 
to  the  company’s  VoIP  management  and 
monitoring  product, also  will  protect  com¬ 
panies  against  denial-of-service  attacks 
designed  to  bring  down  a  company’s  net¬ 
work,  Tworek  says. 

The  anti-spam  tool  doesn’t  listen  to  an 
actual  voice  message,  he  adds,  but  uses 
algorithms  to  determine,  for  example,  if 
calls  are  generated  by  humans  or 
machines.  Much  like  anti-spam  tools  for 
e-mail,  it  will  sort  through  incoming  mes¬ 
sages  to  attempt  to  distinguish  wanted 
from  unwanted.Wanted  messages, such  as 
broadcasts  containing  emergency  in¬ 
formation  or  company-wide  information, 
will  still  get  through  to  their  recipients,  he 
says. 

The  company  would  not  reveal  how  the 
tool  will  identify  wanted  voice  messages 
from  unwanted  messages. 

Qovia  says  that  while  other  vendors 
sell  tools  to  monitor  and  manage  VoIP 
networks,  it  is  the  first  to  develop  a  prod¬ 
uct  that  focuses  on  blocking  VoIP  spam. 
Pricing  has  not  been  announced.  ■ 
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In  a  ruling  that  flies  in  the  face  of  com¬ 
mon  sense,  the  U.S.  Court  of  Appeals  for 
the  First  Circuit  ruled  in  late  June  that  it 
would  not  be  illegal  for  AOL,  Hotmail  or 
any  other  commercial  or  non-commercial 
e-mail  service  provider  to  read  your  mail. 
The  logic  —  if  that  is  what  it  should  be 
called  —  followed  by  the  court  in  this  case 
could  have  far-more  serious  implications  if 
this  ruling  is  upheld  or  Congress  does  not 
reword  the  wiretap  law  to  make  it  less  pos¬ 
sible  for  a  court  to  ignore  the  law’s  clear 
intent. 

In  the  case, U.S.  v.  Bradford  C. Councilman, 
Councilman  was  accused  of  intercepting 
e-mail  sent  from  Amazon.com  to  sub¬ 
scribers  of  an  ISP  that  he  ran.  He  was 


Maybe  you  shouldn’t  digitize  your  communications 


accused  of  doing  this  because  he  also  was 
in  the  book-selling  business  and  he 
thought  he  could  get  information  from 
these  e-mail  messages  that  would  help  him 
in  his  business.  Councilman  argued  that 
intercepting  e-mail  messages  the  way  he 
was  accused  of  doing  did  not  violate  the 
U.S.  federal  wiretap  law  because  that  law 
did  not  cover  electronic  communications 
that  were  in  temporary  storage.  In  this  case 
the  messages  were  temporarily  stored  on 
disk  waiting  for  a  user  to  retrieve  them. 

The  argument  hinged  on  a  wording  dif¬ 
ference  between  the  definition  of  “wire 
communications”  and  “electronic  commu¬ 
nications”  in  the  wiretap  law. The  definition 
of  wire  communications  includes  “elec¬ 
tronic  storage”  of  communications,  but  the 
definition  of  electronic  communications 
does  not  include  the  “electronic  storage” 
language.  The  trial  court  judge  accepted 
Councilmans  argument, as  did  the  appeals 
court. The  majority  opinion  in  the  appeals 
court  said  they  felt  “that  Congress  meant  to 


give  lesser  protection  to  electronic  com¬ 
munications  than  to  wire  and  oral  com¬ 
munications”  (see  www.nwfusion.com, 
DocFinder:  2771).  The  opinion  did  note 
that,  under  their  interpretation,  “much  of 
the  protection  [of  the  wiretap  law]  may 
have  been  eviscerated  by  the  realities  of 
modern  technology’ 

The  appeals  court  decision  was  a  2-1 
decision  and  the  very  well  written  dissent¬ 
ing  opinion  by  Judge  Kermit  Lipez  basical¬ 
ly  said  the  majority  misunderstood  the 
intent  of  Congress.The  dissent  also  pointed 
out  that,  under  the  majority  view,  all  types 
of  electronic  communication,  not  just 
e-mail  messages,  legally  can  be  intercept¬ 
ed.  This  is  because  all  types  of  electronic 
communications  are  broken  up  into  pack¬ 
ets  for  transmission  through  the  network 
and  such  packets  sit,  at  least  for  a  while,  in 
buffers  in  routers.  If  copying  data  from  a 
temporary  buffer  is  legal  when  it  comes  to 
email, it  would  also  be  legal  when  it  comes 
to  packets  in  a  router  buffer.  Lipez  said  he 


found  it  inconceivable  that  this  was 
Congress’  intent  when  they  wrote  a  law  to 
protect  the  privacy  of  communications. 

This  opinion  is  certain  to  be  appealed 
and  maybe  higher-level  courts  will  be 
more  persuaded  by  Lipez’s  analysis  than 
by  the  word-nitpicking  of  the  majority  In 
any  case  it  would  be  a  good  idea  for 
Congress  to  remove  the  ability  for  such  nit¬ 
picking  to  obscure  the  clear  intent  of  the 
wiretap  law.  In  the  meantime,  maybe  you 
should  take  this  as  another  reason  to  seri¬ 
ously  look  at  encrypting  your  Internet  com¬ 
munications  (which  you  already  should  be 
doing  in  many  cases). 

Disclaimer:  I  did  not  check  to  see  if  the 
Harvard  Law  School  has  a  class  in  obscur¬ 
ing  the  clear  intent  of  laws,  but  it  does  seem 
like  a  useful  defense  attorney  skill.  The 
above  advice  is  from  me,  not  Harvard. 

Bradner  is  a  consultant  with  Harvard 
University's  University  Information  Systems. 
He  can  be  reached  at  sob@sob.com. 
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committee  that  included  repre¬ 
sentatives  of  its  various  business 
units  and  the  legal  department, 
and  employees  who  had  regis¬ 
tered  names  in  the  past.The  com¬ 
mittee  conducted  a  company¬ 
wide  inventory  of  domain  names 
and  established  procedures  for 
domain  name  registrations  and 
renewals. 

Then  the  committee  conduct¬ 
ed  a  cost-benefit  analysis  and 
decided  to  outsource  the  man¬ 
agement  of  its  domain  name 
portfolio.  Last  fall,  Hearst  signed 
a  two-year  contract  with  VeriSign 
for  its  Digital  Brand  Management 
Services. 

“VeriSign  was  the  only  vendor 
that  met  all  of  our  requirements,” 
Rowlinson  says. “We  needed  con¬ 
solidated  monthly  billing  tied  into 
our  back-end  billing  system.  The 
invoice  had  to  be  processed  as  a 
single  transaction  in  our  service 
center” 

While  VeriSign  sells  outsourced 
domain  name  management  ser¬ 


vices,  Network  Solutions  offers 
automated  tools  for  companies 
that  want  to  manage  their  own 
domain  name  portfolios. 

Network  Solutions  has  over¬ 
hauled  and  updated  its  Online 
Account  Management  Tool  dur¬ 
ing  the  last  18  months  to  provide 
added  functionality  to  corporate 
clients,  some  of  whom  own  more 
than  10,000  names.  New  features 
make  it  easier  to  standardize  con¬ 
tact  names  and  keep  them  cur¬ 
rent.  An  alerting  capability  lets 
companies  know  when  a  name  is 
going  to  expire. 

“We  offer  a  complete  suite  that 
allows  people  to  manage  their 
names  in  bulk,  to  manage  across 
multiple  accounts  and  consoli¬ 
date  accounts,”  Mitchell  says.  “We 
allow  them  to  delegate  some 
management  functions  but  still 
retain  control.” 

One  company  that  uses  Net¬ 
work  Solution’s  tool  is  Lexis- 
Nexis,  an  online  legal  research 
service  in  New  York.  LexisNexis 
has  800  domain  names,  which 
the  company’s  telecom  group 
manages. 


“I  originally  created  my  own 
spreadsheets  because  I  had 
so  many  names  to  keep  track 
of,  but  then  they  came  out 
with  their  own  tool.  I  like  the 
feature  that  tells  me  when  it’s 
time  to  renew  a  name,”  says 
John  Mawhirter,  a  consulting 
telecom  engineer  with  Lexis¬ 
Nexis. 

U.S.  multinational  compa¬ 
nies,  such  as  LexisNexis  and 
Hearst,  keep  snapping  up  do¬ 
main  names,  which  are  now 
available  in  more  than  240 
extensions.  In  total,  more  than 
63  million  domain  names 
were  registered  as  of  March, 
according  to  VeriSign.  Of 
those,  4.7  million  were  new 
names  registered  during  the 
first  quarter  of  2004  —  the 
highest  quarterly  figure  in  the  his¬ 
tory  of  the  Internet. 

Managing  domain  names  is 
going  to  get  more  difficult  for 
companies  later  this  year  as  their 
portfolios  grow  with  the  avail¬ 
ability  of  new  extensions,  includ¬ 
ing  .eu,  which  is  sponsored  by 
the  European  Union.  Meanwhile, 
the  Internet  Corporation  for 
Assigned  Names  and  Numbers  is 
evaluating  new  sponsored  top- 
level  domains,  including  .asia, 
.jobs  and  .mail. 

“Like  most  U.S.-based  compa¬ 
nies, we  have  a  lot  of  .com  names. 
But  in  our  magazine  space,  we 
have  quite  a  few  brands  spread 
out  throughout  the  world,” 
Rowlinson  says.  “The  new  exten¬ 
sions  keep  popping  up,  and  we 
have  to  make  an  analysis  of 
whether  this  is  a  country  we  want 
to  market  our  products  in.” 


Choices  galore 

Domain  name  portfolios  expand 
as  new  extensions  are  introduced. 


Domain  name  registrations  in  the  first 
quarter  of  2004: _ 

Total  registrations  =  63  million 

Other  country  code 
top-level  domains 

19%' A  _ de  12% 

.uk  8% 
.net  7% 
.org  5% 
.info  2% 
.biz  2% 

SOURCE:  VERISIGN 

One  company  that’s  seeking 
outside  help  to  manage  its  4,000 
domain  names  is  Turner  Broad¬ 
casting  System  (TBS),  another 
user  of  VeriSign’s  Digital  Brand 
Management  Services.  TBS  has  a 
centralized  management  system 
for  domain  names  that  involves 
the  company’s  legal  and  IT 
departments. 

“We  had  one  or  two  instances 
prior  to  having  vendors  help  us 
with  domain  name  management 
tools  where  a  name  expired  for 
one  reason  or  another,”  says  Kari 
Moeller,  domain  name  counsel 
for  TBS. “We  have  had  in  the  past 
someone  get  a  whiff  of  a  new 
program  and  buy  a  name  first. 

But  it  hasn’t  been  a  huge  prob¬ 
lem,  and  I  think  our  centraliza¬ 
tion  is  one  of  the  reasons  it  hasn’t 
been  a  huge  problem." 

The  Atlanta  broadcasting  com¬ 


pany  uses  VeriSign’s  Web- 
based  tools  to  handle 
domain  name  registrations 
and  renewals.  All  the  compa¬ 
ny’s  names  —  especially  the 
valuable  cnn.com  —  are  re¬ 
newed  automatically  Moeller 
uses  the  software  to  keep 
contact  information  current, 
conduct  audits  and  run  regu¬ 
lar  reports. 

“I  can  run  reports  to  find 
out  what’s  coming  up  for 
renewal  or  to  figure  out 
where  we  may  have  gaps  in 
our  portfolio,”  Moeller  says. 
“The  software  allows  us  to 
be  more  efficient  so  domain 
name  management  takes 
less  time.” 

Moeller  says  having  auto¬ 
mated  tools  for  domain 
name  management  will  be  even 
more  important  with  the  addition 
of  .eu  names  and  sponsored  top- 
level  domains. 

“It’s  really  important  to  have 
everything  centralized. You  need 
one  group  in  charge  with  a  data¬ 
base  that  can  grow  with  you 
need  and  meet  your  needs,”  she 
says.  “It’s  also  important  to  have 
vendors  that  are  knowledgeable 
about  the  domain  name  indus¬ 
try  ..  .  and  have  good  relation¬ 
ships  with  [other  registries  and 
registrars] .” 

Moeller  says  services  like  Veri¬ 
Sign’s  are  an  important  safety  net 
for  corporations  with  large  and 
valuable  domain  name  portfolios. 

“Domain  name  portfolio  man¬ 
agement  shouldn’t  be  that  diffi¬ 
cult,”  Moeller  adds.  “But  if  some¬ 
thing  happens,  it’s  a  huge 
problem.”  ■ 
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Start-ups  automate  global  trade  Amotions 


■  BY  ANN  BEDNARZ 

Aerospace  company  Pratt  &  Whitney  last  month 
agreed  to  pay  a  $150,000  penalty  to  settle  charges 
that  it  exported  controlled  items  to  various  coun¬ 
tries  without  obtaining  the  required  licenses  from  the 
U.S.  Department  of  Commerce. 

A  few  months  before,  Morton  International,  based  in 
Chicago,  agreed  to  pay  a  federal  fine  of  $647,500  for  ship¬ 
ping  protected  chemicals  to  Mexico,  Singapore  and 
Taiwan.  And  in  December,  Sun  took  a  $291,000  hit  for 
charges  involving  illegal  exports  of  computers  to  military 
end  users  in  China  and  Egypt. 

It’s  not  hard  for  companies  like  these  to  find  them¬ 
selves  astray  of  federal  global  trade  regulations.  In  the 
U.S.,  multiple  government  agencies  oversee  pieces  of  the 
regulatory  puzzle,  determining  how  and  with  whom 
companies  may  conduct  business.  Additionally,  buying 
and  selling  goods  overseas  requires  staying  on  top  of  for¬ 
eign  countries’  myriad  trade  rules  and  tariff  structures. 

These  days,  a  handfui  of  small  software  companies  are 
angling  to  capitalize  on  the  complexities  of  cross-border 
commerce  and  automate  what  are  traditionally  time-con¬ 
suming  manual  processes  —  such  as  identifying  ship¬ 
ments  according  to  international  product  classification 
conventions,  making  sure  trades  comply  with  foreign 
import  and  export  rules,  and  providing  proper  shipment 
documentation. 

Vendors  with  so-called  global  trade  management  wares 
include  specialists  GT  Nexus,  NextLinx,  Open  Harbor, 
TradeBeam  and  Vastera.and  business  software  giant  SAP 
For  the  most  part,  the  processes  these  vendors  are 
working  to  automate  involve  three-ring  binders  full  of 
pricing  information  and  disparate  spreadsheet  applica¬ 
tions.  Not  only  are  these  manual  processes  time-consum¬ 
ing  and  error-prone,  but  they  make  it  hard  for  companies 
to  analyze  data  and  share  it  with  partners  such  as  inter¬ 
national  shipping  companies  and  customs  brokers. 

Plenty  of  opportunity 

There’s  plenty  of  opportunity  to  streamline  global 
transactions, says  Beth  Peterson,  vice  president  of  prod¬ 
uct  solutions  at  Open  Harbor,  which  specializes  in 
trade  compliance  and  documentation  services. 
According  to  industry  estimates,  a  single  shipment  can 
require  about  35  documents,  be  touched  by  15  parties 
and  require  200  data  elements  to  be  keyed  in  multiple 
times,  Peterson  says.  Automation  can  eliminate  some  of 
that  redundancy. 

Backed  by  $49  million  in  venture  funding,  Open  Harbor 
tackles  trade  management  with  a  team  of  25  experts  who 
track  more  than  60  countries’  trade  policies  and  feed  a 
database  of  more  than  8,000  rules. 

Open  Harbor  customers  subscribe  to  a  service,  which 
ties  into  their  ERP  systems.  For  example,  when  the  ERP 
system  receives  a  purchase  order,  it  feeds  customer  and 
product  information  to  Open  Harbor,  which  analyzes  the 
content  before  validating,  warning  against  or  blocking  the 
transaction. 

Peace  of  mind  is  a  key  benefit,  says  Stan  Yamamoto, 
president  of  AMAC  in  Cypress,  Calif. The  Panasonic  sub¬ 
sidiary  started  using  Open  Harbor’s  restricted  party 


screening  and  trade  compliance  services  a  year  ago 
when  keeping  up  with  international  trade  rules  became 
too  much  for  one  full-time  person  to  handle. 

Now  instead  of  worrying  whether  every  new  policy 
from  every  international  regulatory  body  has  been 
addressed,  AMAC  executives  are  confident  their  global 
trade  operations  are  protected, Yamamoto  says. 

“We’ve  always  been  aware  that  there’s  a  need  for  very- 
tight  export  control,”  he  says.  With  Open  Harbor’s  soft¬ 
ware, “unless  we  follow  the  rules,  we  can’t  process  a 
transaction.” 

Additionally  AMAC  has  been  able  to  improve  the  effi¬ 
ciency  of  its  operations  with  global  trade  management 

Foreign  affairs 


•MULTIPLE  RESPONSES  ALLOWED 

software.  For  example,  in  the  past  AMAC  didn’t  always 
take  advantage  of  a  U.S.  trade  rule  that  excludes  certain 
exports  valued  at  less  than  $2,500  from  requiring  a 
license. 

“Open  Harbor  takes  into  account  a  lot  more  aspects  of 
a  transaction  than  we  were  able  to  with  our  old  system,” 
Yamamoto  says. 

An  emerging  market 

About  10%  of  U.S.  companies  have  invested  in  global 
trade  management  software,  according  to  Aberdeen 
Research.  But  the  research  firm  expects  that  figure  to  hit 
nearly  40%  over  the  next  two  years. 

Some  early  adopters  include  hardware  vendor  U.S. 
Robotics  and  software  maker  BEA  Systems,  which  use 
restricted-party  screening  software  from  Vastera  and 
Open  Harbor,  respectively,  to  block  transactions  with  peo¬ 
ple  on  restricted  party,  embargo  and  sanction  lists. 
Neiman  Marcus  Group  uses  TradeBeam’s  software  to 
ensure  its  international  shipments  comply  with  import 
regulations,  and  Phillips-Van  Heusen  uses  a  hosted  ser¬ 
vice  from  GT  Nexus  to  manage  its  global  transportation 
logistics. 

One  reason  for  the  increased  use  is  the  enactment  of 
broader,  more  complex  trade  rules  in  the  last  few  years. 
For  example,  the  Container  Security  Initiative,  which  went 


into  effect  last  year,  requires  shippers  to  provide  the  U.S. 
government  with  detailed  manifest  information  about 
ocean  container  freight  being  shipped  from  foreign  ports 
to  the  U.S.,24  hours  before  loading  at  the  foreign  port. 

The  threat  of  terrorism,  in  particular,  has  affected  global 
trade  operations.  As  countries  have  become  more  vigi¬ 
lant  about  safeguarding  their  ports,  businesses  have  had 
to  change  the  way  they  operate,  says  Bruce  Lovett,  vice 
president  of  marketing  and  product  management  at 
Vastera.“The  number  of  organizations  that  issue  regula¬ 
tions,  laws  and  procedures  is  almost  overwhelming,” 
Lovett  says. 

Within  the  U.S.,  multiple  government  agencies  publish 


lists  of  restricted  parties  with  which  companies  may  not 
conduct  business.The  Department  of  Commerce’s 
Bureau  of  Industry  and  Security  maintains  denied  per¬ 
sons  and  denied  entities  lists,  while  the  State  Depart¬ 
ment  has  its  debarred  persons  list,  and  the  Office  of 
Foreign  Assets  Control  tracks  “specially  designated 
nationals  and  blocked  persons,”  such  as  known  terrorists 
and  drug  traffickers. 

Additionally, supply  chains  are  expanding.The  market 
for  trade  management  software  is  widening  as  more 
companies  look  to  conduct  business  with  overseas  sup¬ 
pliers  and  sell  their  goods  to  offshore  customers.  As 
companies  outsource  aspects  of  their  business, such  as 
manufacturing,  trade  management  becomes  more 
unwieldy, says  Greg  Aimi.a  research  director  at  AMR 
Research. 

Governments  also  are  putting  pressure  on  businesses 
to  embrace  automation.  Over  the  past  12  months,  there’s 
been  a  huge  movement  among  governments  to  mod¬ 
ernize  their  IT  systems,  says  Neetin  Datar,  director  of 
trade  and  compliance  applications  at  SAP  For  example, 
there’s  the  New  Computerised  Transit  System  in  Europe, 
based  on  electronic  declarations  and  processing,  and 
Australia’s  Integrated  Cargo  System. 

“These  entities  don’t  want  to  be  receiving  paper  and 
fax  documentation  any  more,”  Datar  says.  ■ 


Conducting  business  with  overseas  trading  partners  presents  financial,  logistical  and  regulatory 
complexities.  Here  are  the  biggest  challenges  global  traders  face,  according  to  157  respondents 
to  an  Aberdeen  Group  survey. 


Identifying  shipping  exceptions 


Shipment  visibility  for  supply-chain  partners 


Integration  with  other  enterprise  units 


Calculating  total  landed  cost 


Connecting  to  government  trade  systems 


Screening  for  dangerous  parties 


Settling  international  payment  transactions 


Classifying  products  for  customs  purposes 
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ISPs  look  inward  to  stop  spam 

■  BY  CARA  GARRETSON 


Takes 

■  Verizon  Wireless  recently 
announced  plans  to  purchase 

Qwest  Wireless’  assets  for  $418 
million  in  order  to  expand  its  market 
presence.  The  transaction  is 
expected  to  close  in  the  fourth 
quarter  or  early  next  year.  The 
agreement  includes  spectrum 
licenses  in  62  markets  in  14  Western 
and  Midwestern  states,  covering  a 
population  of  30.8  million  people. 

The  transaction  also  includes 
Qwest  Wireless’  network-switching 
centers,  cell  sites  and  related  net¬ 
work  equipment,  which  operate  on 
the  Code  Division  Multiple  Access 
standard,  the  same  as  the  Verizon 
Wireless  network. 

Fifty-three  of  the  licenses  being 
purchased  are  in  markets  where 
Verizon  Wireless  already  operates 
its  network  and  will  be  used  to 
expand  capacity.  The  spectrum 
licenses  also  include  several  new 
markets  for  Verizon  Wireless,  includ¬ 
ing  Rochester  and  St.  Cloud,  Minn.; 
Lincoln,  Neb;,  and  Longview,  Wash. 
The  agreement  does  not  include 
Qwest  Wireless’  subscriber  base. 

■  Network  service  provider  iPass 
announced  last  week  that  it  has 
more  than  10,000  Wi-Fi  hot  spots  on 
its  virtual  network.  The  service 
provider  says  it  has  11,179  hot  spots 
in  33  countries. 

The  wireless  LAN  access  points 
come  from  39  Wi-Fi  network  pro¬ 
viders  that  have  roaming  agree¬ 
ments  with  iPass.  Some  of  those 
service  providers  include  Con¬ 
course  Networks,  T-Mobile  and 
Wayport.  IPass  also  says  it  certi¬ 
fies  each  hot  spot  to  ensure  seam¬ 
less,  reliable  WLAN  service  for 
users  as  they  travel  the  globe. 

The  hot  spots  are  accessible  in 
about  2,900  hotels  in  26  countries,  37 
convention  centers  in  13  countries 
and  89  airports  in  19  countries. 

IPass  customers  can  use  Wi-Fi,  dial¬ 
up,  ISDN,  DSL  or  mobile  wireless 
data  services  to  access  the  Internet 
or  their  corporate  VPN  from  150 
countries. 


Many  major  ISPs  recently  have  come  to 
this  realization  about  the  fight  against 
spam:  They  are  both  part  of  the  solution 
and  part  of  the  problem. 

Every  U.S.  ISP  uses  anti-spam  techniques 
to  catch  unwanted  messages  coming  into 
their  networks  before  they  reach  users. 
Recently  thanks  to  the  urging  of  industry 
groups  and  coordination  among  pro¬ 
viders,  ISPs  also  are  taking  measures  to 
limit  the  spam  emanating  from  their  net¬ 
works.  While  no  one  is  declaring  the  war 
won,  they  have  discovered  that  making  rel¬ 
atively  simple  changes  to  network  policies 
can  have  a  significant  effect  on  reducing 
unwanted  e-mail. 

ISPs  are  “starting  to  realize  that  outbound 
spam  . . .  out  of  their  networks  is  one  of  the 
biggest  problems  they  need  to  solve,”  says 
Rich  Wong,  general  manager  of  messaging 
with  Openwave  Systems,  which  makes  ISP- 
class  messaging  software.  Wong  is  chair¬ 
man  of  the  Messaging  Anti-Abuse  Working 
Group  (MAAWG).  “The  ISP  industry  is 
clearly  recognizing  the  issue  and  taking 
proactive  steps  to  solve  this  problem.” 

Targeting  Port  25 

MAAWG  says  one  of  the  most  effective 
steps  ISPs  can  take  to  cut  down  on  outgo¬ 
ing  spam  is  to  block  or  filter  e-mail  sent  via 
Fbrt  25,  a  gateway  that  pumps  Internet 
email  past  an  ISP’s  server,  not  through  it 
where  it  can  be  filtered.  Blocking  Fbrt  25 
means  users  must  send  email  through  the 
ISP’s  mail  server,  therefore  letting  the 
provider  monitor  traffic  flowing  out  of  its 
network.  Last  month,  the  Anti-Spam  Tech¬ 
nical  Alliance,  formed  last  year  by  Yahoo, 
AOL,  EarthLink  and  Microsoft,  issued  a  list 
of  anti-spam  recommendations  that  in¬ 
cludes  filtering  Fbrt  25. 

“Installing  Fbrt  25  filters  dramatically 
reduced  our  outbound  spam,”  says  Jeff 
Hartley,  manager  of  engineering  security 
and  abuse  with  Cox  Communications,  a 
member  of  MAAWG.  Last  summer  the 
broadband  provider,  which  has  about  2 
million  customers,  began  blocking  all  out¬ 
bound  e-mail  sent  by  residential  sub¬ 
scribers  that  used  Fbrt  25  and  sent  that  mail 
through  Cox’s  own  servers.  This  way  the 
company  can  catch  spam  blasts  before 
they  leave  the  Cox  network.  The  company 
lets  certain  residential  subscribers  contin¬ 
ue  to  use  their  e-mail  servers  once  the 
company  validates  them  as  legitimate 
senders,  he  adds. 


About  half  of  the  ISPs  in  the  US.put  some 
controls  on  Fbrt  25,  Hartley  estimates.  The 
most  recent  to  do  so  was  Comcast,  the 
country’s  largest  broadband  provider, 
resulting  in  one-third  less  spam  coming  out 
of  its  network,  according  to  spokeswoman 
Jeanne  Russo. 

Yet  blocking  Fbrt  25  isn’t  the  no-brainer 
that  some  purport.  ISPs  with  commercial 
users  who  need  to  operate  their  own 
e-mail  servers  can’t  stop  them  from  doing 
so  because  part  of  the  service  ISPs  provide 
is  carrying  messages  to  and  from  the  cus¬ 
tomer’s  e-mail  server  over  their  networks. 

“A  lot  of  people  are  . . .  complaining  that  if 


Spam  by  the  numbers 

ISPs  are  scrambling  to  limit 

spam  coming  out  of  their 

networks. . . 

•  Comcast  reports  a  35%  decrease 
since  it  began  filtering  Port  25 
traffic.  With  5.7  million  customers, 
Comcast  has  the  largest  broadband 
subscriber  base  in  the  country. 

•  AOL  reports  a  20%  to  30%  decrease 
in  spam  over  the  past  year,  thanks 
to  anti-spam  efforts  that  include 
filtering  Port  25  traffic. 

. . .  but  they’ve  got  their  work 
cut  out  for  them. 

•  89%  of  all  spam  is  sent  by  “zombie” 
PCs,  according  to  AOL. 

•  Although  most  of  the  world’s  spam 
—  56%  —  comes  from  the  U.S., 
South  Korea  ranks  second,  followed 
by  China,  Brazil  and  Canada. 


ISPs  shut  down  Fbrt  25,  it  turns  off  their  abil¬ 
ity  to  run  [their  own]  mail  servers,”  says 
Matthew  Prince,  CEO  of  consulting  firm 
Unspam.“ISPs  must  do  it  responsibly  Some 
people  are  rightful  users  of  Fbrt  25,  and  it’s 
important  that  we  maintain  their  rights.” 

Sprint  says  it  is  not  overly  concerned  that 
customers  of  its  SprintLink  IP  network  will 
use  the  service  for  spamming  because  the 
majority  of  these  customers  are  large  busi¬ 
nesses.  Sprint  does  not  block  Fbrt  25  on  its 
SprintLink  service  because  these  business 
customers  need  to  be  able  to  send  email 
from  their  own  servers. 

However,  because  of  the  proliferation  of 


compromised  computers  or  zombies  — 
those  infected  by  a  virus  or  worm  and 
turned  into  spammer  email  servers  — 
Sprint  has  to  deal  with  complaints  of  spam 
coming  from  SprintLink  when  a  customer 
site  has  been  infiltrated,  says  David  Ham, 
Sprint’s  director  of  Internet  services.  In 
those  cases,  Sprint  determines  where  the 
unwanted  messages  are  coming  from  and 
contacts  the  customer  so  the  zombie  PCs 
can  be  shut  down. 

“I  do  believe  ISPs  need  to  be  spam  cops; 
I  don’t  know  that  we  have  any  other 
choice,”  Ham  says. 

Other  tools  available 

ISPs  have  found  other  ways  to  curb  out¬ 
bound  spam.  Comcast  says  it’s  experienced 
the  one-third  reduction  in  outgoing  spam 
since  filtering  Fbrt  25.That  reduction  came 
after  it  already  saw  a  75%  drop  in  spam  on 
its  network  in  the  two  previous  months 
from  other  initiatives.  Those  include  close 
monitoring  of  its  network  for  spamming 
patterns  and  working  with  industry  groups 
to  help  curb  spam,  Russo  says. 

Another  effort  MAAWG  recommends  is 
for  ISPs  to  keep  a  close  eye  on  their 
acceptable-use  policies,  which  dictate  the 
terms  of  a  subscriber’s  agreement  and 
usually  place  limits  on  their  e-mail  use, 
such  as  the  number  of  e-mails  that  can  be 
sent  per  month  or  the  number  of  recipi¬ 
ents  allowed  per  e-mail.Usage  that  violates 
these  terms  usually  points  to  a  compro¬ 
mised  computer,  MAAWG’s  Wong  says. 

In  another  attempt  to  fight  outbound 
spam,  ISPs  have  begun  hiring  staff  to  watch 
the  e-mail  traffic  flowing  in  and  out  of  the 
network.  For  example,  EarthLink’s  abuse 
team  is  a  group  of  14  professionals  who 
monitor  e-mail  spikes,  learn  spammers’  pat¬ 
terns  and  slow  down  the  mail  stream  of 
suspected  spammers,  says  Mary  Young¬ 
blood,  the  ISP’s  abuse  team  manager.  This 
team  also  keeps  an  eye  on  the  e-mail  com¬ 
ing  from  customer  Web  sites  that  it  hosts. 

Despite  these  efforts,  experts  say  the 
spam  war  will  continue  to  escalate,  partic¬ 
ularly  as  armies  of  zombies  spread  around 
the  world.  “U.S.-based  ISPs  are  among  the 
first  wave  of  ISPs  that  need  to  deal  with  the 
[zombie]  problem.  This  is  because  of  the 
higher  penetration  of  home  PCs  and 
always-on  connections,”  says  Richi  Jen¬ 
nings,  an  analyst  with  Ferris  Research.  But 
as  broadband  connections  become  more 
popular  in  other  parts  of  the  world,  there 
will  be  more  take-over  targets  who  turn 
unsuspecting  PCs  into  spam  blasters.  ■ 
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As  for  spectrum  allocation? . . .  Let's  get  crazy 


Last  week  I  noted  that  the  FCC  is  con¬ 
sidering  allocating  unused  television 
spectrum  to  broadband  wireless  ser¬ 
vices.  Time  for  some  out-of-the-box  ideas: 
What  if  the  FCC  decided  to  re-allocate  all 


the  available  spectrum  —  including  com¬ 
mercial  television  and  radio  —  to  broad¬ 
band  services  (with  the  exception  of 
police,  fire  and  emergency  channels)? 

Crazy?  Maybe.  But  maybe  not. 


Here’s  why  it  would  make  sense: 

1. )  It  would  promote  broadband  local 
access  alternatives.  As  I  said  last  week, addi¬ 
tional  broadband  wireless  spectrum  could 
dislodge  the  RBOCs’  death  grip  on  local  ac¬ 
cess.  By  dedicating  some  spectrum  to  com¬ 
panies  that  intend  to  use  it  for  wireless 
voice  and  data  services,  the  FCC  could  ac¬ 
celerate  their  development.  And  to  protect 
against  the  RBOCs  buying  up  and  moth¬ 
balling  spectrum,  the  FCC  could  require 
companies  bidding  for  spectrum  not  to 
offer  alternate  facilities-based  local  access. 

2. )  It  would  accelerate  the  use  of  the 
Internet  as  a  delivery  mechanism  for 
broadcast  entertainment.  Just  because 
broadcast  TV  and  radio  as  we  know  it 
would  end  doesn’t  mean  we’d  lose  the 
shows  and  songs  we  love.  Instead,  they’d  be 
delivered  over  the  ’Net  —  as  many  are  now. 

3. )  It  would  drive  the  recording  industry 
and  other  content  providers  to  rethink 
their  business  models.  XM  satellite  radio, 
cable  TV  and  pay-per-view  all  demonstrate 
working  models  for  user-paid  content 
delivery  Instead  of  suing  consumers  for 
downloading  material,  content  providers 
would  have  to  devise  ways  to  make  paying 
for  downloads  painless. 

4. )  It  would  get  the  FCC  out  of  the  busi¬ 
ness  of  regulating  free  speech.  One  of  the 
beauties  of  XM  satellite  radio  and  pay-per- 
view  TV  is  that  you  get  what  you  pay  for  — 
and  only  that,  whether  it’s  cutting-edge  vio¬ 
lence  and  buxom  beauties,  or  G-rated  lan¬ 
guage  and  family  oriented  stories.  XM  satel¬ 
lite  radio  offers  a  range  of  Christian  music 
—  and  shock  jock  Howard  Stern  has  con¬ 
sidered  quitting  commercial  radio  for  XM. 
Both  can  coexist  because  consumers  can 
choose  what  they’d  prefer  to  receive. 

The  downsides?  Many  U.S.  households 
can’t  afford  Internet  or  cable  access.They’d 
lose  the  “free”  TV  and  radio  they’ve  be¬ 
come  accustomed  to.  But  those  services 
aren’t  free  —  the  government  has  taken 
something  that  belongs  to  all  of  us  (wire¬ 
less  spectrum)  and  given  it  to  only  some  of 
us  (broadcast  companies). The  fix?  Levy  a 
tax  on  wireless  spectrum  users  and  use  it 
to  fund  very  low-income  households  who 
otherwise  couldn’t  afford  access.  Mean¬ 
while,  all  consumers  would  have  access  to 
a  plethora  of  new  services  delivered  more 
efficiently  across  that  same  spectrum. 

Another  concern  is  the  effect  on  the  ad¬ 
vertising  industry,  which  now  spends  bil¬ 
lions  crafting  elaborate  sales  pitches.  While 
it’s  hard  to  feel  the  same  sympathy  for  a 
laid-off  Madison  Avenue  ad  exec  as  for  an 
unemployed  telephone  line  worker  in 
Dallas,  suddenly  shutting  down  a  major 
part  of  the  economy  can  be  wrenching. 
The  solution?  Don’t  do  it  suddenly  Do  it  in 
stages  —  giving  the  industry  time  to  adjust. 

Yep,  the  scheme  sounds  crazy  —  maybe 
crazy  like  a  fox. 
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s  Your  IP  Tell 


VolP/IP-telephony  networks  can  be  made 
secure  from  a  malicious  attack. 


We  can  help 


The  latest  Special  Report  from  Miercom  includes  revealing  insight  from 
our  hands-on  testing.  90+  pages  of  primary  research  and  test  results: 

•  Securing  Cisco  CallManager:  Can  it  be  done?  What  is  needed?  How  much? 

•  How  about  securing  Avaya  IP  Telephony? 

•  Hot  vendor  survey  results  on  VoIP  Security 

•  Assessing  your  main  vulnerabilities 

•  Practical  Q&A  on  VoIP  Security 

and  much  more... 


For  more  details  Call  1-800-Miercom  or  go  online  www.miercom.com/security 


379  Princeton-Hightstown  Road,  Cranbury,  NJ  08512 
Phone:  609-490-0200  Fax:  609-490-0610  www.miercom.com 


Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  iohna@nernertes.com. 
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Network  Change  and  Configuration  Management  (NCCM) — The  Evolution  of  Network  Management 


Why  Enterprises  are  Turning  to  NCCM 
to  Simplify  Network  Management 


NCCM:  BENEFITING  THE  ENTIRE  ORGANIZATION 
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The  Challenge  -  Managing  Network  Change 

Modern  networks  are  man/els  of  complexity.  New 
technology  innovations  such  as  highly  functional  remote 
devices,  distributed  computing,  and  voice-over-IP  (VoIP) 
are  continuously  introduced  to  the  market,  adding  to  the 
complexity  of  enterprise  networks.  What  this  impressive 
array  of  functionality  conceals  is  the  critical  importance  of 
network  change  and  configuration  management  (NCCM). 
Without  deep  and  broad  awareness  of  all  configuration 
requirements,  any  change  could  pose  unforeseen  risks 
to  a  network — the  backbone  of  an  IT  infrastructure. 

For  years,  the  primary  tool  for  dealing  with  configuration 
change  has  been  the  direct  involvement  of  expert  techni¬ 
cians  or  the  automation  of  task-oriented  processes. 
However,  as  networks  continue  to  progress,  the  deficiencies 
of  poorly  managed  configuration  and  change  control 
become  only  too  apparent.  Today,  the  trend  is  to  charac¬ 
terize  infrastructures  as  "agile’-,  combining  automation 
with  dynamic  provisioning  and  sen/ice  delivery.  The  success 
of  agile  computing  is  dependent  upon  automating  change 
and  configuration  control. 

The  Logical  Solution  -  NCCM 

NCCM  has  arisen  to  provide  a  unique  solution  to  these 
challenges,  offering  efficiencies  of  automation,  simplification 
and  visibility  across  the  network.  NCCM  solutions  typically 
support  superior  availability,  performance  and  service 
quality,  as  well  as  supporting  change,  disaster  recovery 
and  security/compliance.  They  promise  to  bring  significant 
reduction  in  total  cost  of  ownership  (TCO)  and  enhance 
the  return  on  investment  (ROI)  of  the  infrastructure. 

DeviceAuthority  Suite  3.0  -  NCCM,  a  Step  Beyond 

Today,  intelligent  NCCM  is  coming  of  age,  and  with 
DeviceAuthority  Suite  3.0,  AlterPoint  has  introduced  an 
effective  NCCM  approach  that  meets  and  exceeds  the 
following  key  requirements: 

1.  Detailed,  device-specific  technical  capability  to 
interact  with  any  individual  network  device  across  a 
spectrum  of  network  vendors. 

2.  The  ability  to  abstract  these  interactions  to  make 
configuration  broadly  manageable  at  a  human 
level,  enabling  automation  and  reducing  the 
technical  expertise  required  by  the  user. 

Supporting  the  proven  NCCM  approach — Visualize, 
Automate  and  Govern — DeviceAuthority 
Suite  ensures  that  companies  can  finally 
achieve  what  others  continue  to  promise. 

DeviceAuthority  Suite's  advantage  has 
been  established  through  key  NCCM 
functionality  built  on  a  well-engineered, 
architected  foundation.  This  foundation 
allows  organizations  to  meet  the  demands 
of  proactively  managing  network  changes 
and  gaining  governance  over  the  entire  network  infrastruc¬ 
ture.  DeviceAuthority  Suite's  robust  architecture  provides 
unparalleled  levels  of  reliability,  ease  of  use,  intelligence, 
automation  and  security. 

An  Architecture  of  Difference 

One  of  the  significant  architecture  differences  of 
DeviceAuthority  Suite  is  its  Network  Intelligence  Model 
(NIM).  The  NIM  combines  two  key  benefits  that  characterize 
the  emergence  of  intelligent  management  systems.  First, 


the  NIM  implements  a  model  for  the  normalized  hierarchi¬ 
cal  classification  of  network  device  attributes,  which  is 
populated  upon  automated  discovery  of  all  network 
devices.  Second,  the  NIM  incorporates  an  embedded  store 
of  expert  knowledge,  including  best  practices  of  network 
engineers  that  can  automatically  be  applied  to  network 
devices.  This  ensures  that  operations  performed  on  NIM 
objects  are  consistent  and  reliable. 

Where  change  and  configuration  tasks  must  be  done 
manually,  the  NIM  knowledge  store  can  walk  users  through 
a  Q&A-based  wizard  that  brings  the  knowledge  store  into 
interactive  dialog  with  the  user — a  significant  boon  even  to 
staff  having  high  knowledge  of  specific  devices. 

DeviceAuthority  Suite  also  provides  greater  flexibility  in 
reporting — an  incredible  value  in  compliance-sensitive 
environments.  Greater  IT  governance,  privacy  enforcement 
and  vulnerability  management  is  enabled  through  audits 
that  track  compliance  in  real  time. 


DeviceAuthority  Suite  also  offers  additional  extensions 
for  greater  integration  with  the  enterprise  including: 

□  Deployment  options  on  multiple  platforms  and  servers 

□  Extensive  database  compatibility  with  industry 
leading  databases 

□  Out-of-the-box,  seamless  integrations  with  event 
and  service  management  solutions  including  IBM 
Tivoli  NetView,  BMC  Remedy  ARS,  and  HP  OpenView 
Service  Desk  and  HP  OpenView  NNM 

□  Support  of  the  broadest  range  of  device  vendors  (25 


vendors,  10  classes  and  over  1000+  models).  And, 
through  its  XML  structure  of  adapters,  new  support 
can  be  added  rapidly 

DeviceAuthority  Suite's  ability  to  automate  and  stream¬ 
line  the  management  of  change  and  configuration, 
provides  significant  business  value  to  the  enterprise. 

•  Greater  efficiencies  translate  to  less  time  spent  on 
configuration  management 

•  Reduction  in  costs  associated  with  meeting  the 
requirements  of  compliance  with  regulatory  man¬ 
dates  (e.g.  Sarbanes-Oxley),  as  well  as  with  best- 
practices  initiatives  in  security  and  IT  governance 

•  Problem  prevention  and  issue  remediation 

•  Simple,  single-action  implementation  of  change 
across  the  heterogeneous  infrastructure 

AlterPoint  -  Leading  the  Way  in  NCCM 

With  DeviceAuthority  Suite  3.0,  AlterPoint  has  introduced 
a  system  that  delivers  substantial  value  to  the  enterprise  by 
overcoming  many  of  the  challenges  of  NCCM. 

□  Delivering  the  breadth  of  functionality  necessary  to 
support  a  marketplace  of  many  device  vendors. 

□  Applying  embedded  intelligence  to  a  set  level 
of  detail,  alleviating  the  burden  of  technical  expertise, 
all  available  through  a  simple-to-use  interface 

These  are  key  features  that  distinguish  DeviceAuthority 
Suite  in  the  marketplace.  These  advances  will  signifi¬ 
cantly  accelerate  operational  efficiencies  and  promote 
more  consistent,  superior  service  delivery.  AlterPoint 
has  gone  far  to  simplify  NCCM,  providing  a  deep  capa¬ 
bility  for  detail  across  a  broad  range  of  vendors.  Its 
configuration  data  abstraction  and  packaged  expertise 
make  DeviceAuthority  Suite  a  powerful,  intelligent  NCCM 
solution  capable  of  fulfilling  the  needs  and  requirements 
of  today's  complex  infrastructures.  In  short,  AlterPoint  is 
delivering  the  full  power  of  NCCM  with  its  forward-looking 
approach. 


Supporting  the  proven  NCCM  approach — 
Visualize,  Automate  and  Govern — DeviceAuthority 
Suite  ensures  that  companies  can  finally  achieve 
what  others  continue  to  promise. 


For  additional  information  on  DeviceAuthority 
Suite  3.0,  please  log  onto  www.alterpoint.com 


Sponsored  by  - 

AlterPoint” 


MOBILE 


M 

TELEWORKERS 


Manage  all  your  remote-user  stress  away — with  simplicity,  security,  and  savings.  Now,  no  matter  what  type  of 
remote  user  you're  supporting,  you  have  an  easy  answer.  GoRemote.  Named  "a  visionary  market  leader"  in  Gartner's 
latest  Magic  Quadrant,  GoRemote  streamlines  mobile,  teleworker,  and  branch-office  connectivity  for  over  1,700 
enterprise  customers  worldwide.  Our  GoRemote  Global  Network  v  is  the  world's  largest  and  eliminates  the  security 
concerns,  expense  issues,  and  hassle  factors  plaguing  today's  accessible-from-anywhere  enterprises.  Don't  take  our 
word  for  it.  See  what  Gartner  says.  Download  the  report  "U.S.  Managed  Remote-Access  1H04:  Leaders,  Visionaries" 
today — and  start  putting  yourself  back  in  control  once  and  for  all.  Visit  http://www.GoRemote.com/nw  or  call  866.308.8182 


BRANCHES 


A  GoRemote 

For  the  everywhere  enterprise. 


Go  Remote  was  formerly  GRIC  Communications,  Inc. 

©  2004  GoRemote  Internet  Communications,  Inc.  All  rights  reserved.  GoRemote.  the  GoRemote  logo,  "For  the  everywhere  enterprise,"  and  GoRemote  Global  Network  are  trademarks  of  GoRemote 
Internet  Communications,  Inc.  All  others  are  properties  of  their  holders. 


SHAPING  YOUR  NETWORK 


FTTP  boosts  bandwidth  in  the  last  mile 


HOW  IT  WORKS 


FTTP 

Fiber  to  the  premises  differs  from  other  types  of  broadband 
networks  because  the  fiber  connection  runs  all  the  way  to  the 
subscriber’s  home  or  business.  FTTP  offers  bandwidth  capacity 
reaching  50M  bit/sec  or  greater,  making  it  well-suited  to  carry 
voice,  video  and  data  services. 


O  An  optical  line  termination  (OLT)  device  formats  and  launches  signals  for  delivery  to  a  home  or  business  and 
receives  signals  from  the  home  or  business. 

©  Depending  on  the  distances  involved,  another  OLT  device  may  be  placed  closer  to  the  customer  site. 

©  An  optical  splitter  divides  the  signal  among  several  homes  to  allow  sharing  of  processing  resources. 

©  An  optica]  network  unit  (ONU)  converts  signals  to  standard  forms  such  as  Ethernet,  analog  for  voice  and  radio¬ 
frequency  video  for  television  services. 


■  BY  JIM  FARMER 

Although  many  service  providers  now 
offer  business-class  broadband  services, 
corporation  haven’t  widely  adopted  these 
DSL  and  cable  modem  services  because 
they  provide  relatively  limited  bandwidth 
and  scalability 

But  one  emerging  form  of  broadband 
could  change  that.  Fiber  to  the  premises 
(FTTP)  extends  fiber  cabling  all  the  way  to 
homes  or  businesses.  Because  fiber  pro¬ 
vides  a  significant  bandwidth  boost  over 
twisted-pair  or  coaxial  connections  used  in 
the  last  mile, carriers  are  tapping  it  to  deliv¬ 
er  voice,  video  and  data  services. 

FTTP  offers  speeds  of  25M  to  50Mbit/sec 
or  greater,  as  compared  with  a  maximum 
of  about  5M  to  6M  bit/sec  for  other  types  of 
broadband  services.  FTTP  also  supports 
fully  symmetric  services. 

There  are  several  architectures  for  FTTP 
systems, but  all  start  with  an  optical  line  ter¬ 
mination  (OLT)  device.  An  OLT  device  acts 
as  a  switch, and  interfaces  with  the  Internet 
and  other  systems  via  standard  intercon¬ 
nections  such  as  Ethernet  or  ATM.  Service 
providers  could  place  one  OLT  device  in  a 
central  office  and  another  in  the  field  clos¬ 
er  to  subscribers  to  provide  a  longer  reach 


Got  great  ideas 


■  Network  World  is  looking  for  great 
ideas  for  future  Tech  Updates.  If  you 
want  to  contribute  a  primer  on  a  spe¬ 
cific  technology,  standard  or  protocol, 
contact  Amy  Schurr,  senior  managing 
editor,  features  (aschurr@nww.com). 


between  the  central  office 
and  customers. 

Most  FTTP  systems  em¬ 
ploy  passive  splitting  in  the 
field.  An  optical  splitter 
divides  the  FTTP  signal 
among  multiple  homes 
and  businesses.  At  the  sub¬ 
scriber  site  —  a  business  or 
home  —  an  optical  net¬ 
work  unit  (ONU)  converts 
optical  signals  to  standard 
forms  that  can  be  used  by 
customers.  These  generally 
include  Ethernet  (10/100/ 
lOOOBase-T),  plain  old  tele¬ 
phone  service  lines  for 
voice  and  cable  TV-like  sig¬ 
nals  for  video. 

Using  FTTP  service  pro¬ 
viders  can  deliver  analog 
and  digital  video  that  is 
compatible  with  what 
cable  TV  systems  provide. 

Voice  quality  is  as  good  or 
better  than  what  traditional 
phone  companies  provide. 

This  is  a  result  of  QoS  fea¬ 
tures  and  the  fact  that  voice 
signal  is  digitized  closer  to 
subscribers,  eliminating  signal  degradation. 

With  Fl  i  p  QoS  mechanisms  control  the 
data  rate  provided  to  each  subscriber,  and 
rates  can  be  set  in  increments  as  low  as 
64K  bit/sec. 

FTTP  also  lets  service  providers  offer  dif¬ 
ferent  bandwidth  to  different  applications 
used  by  the  same  subscriber.  This  is  en¬ 
abled  by  QoS  techniques  that  identify  traf¬ 
fic  based  on  source,  destination,  applica¬ 
tion  or  Differentiated  Services. 

What’s  more,  network  operators  also  can 


use  QoS  classification  to  create  premium 
services.  For  example,  one  service  might 
prioritize  corporate  VPN  traffic  for  telecom¬ 
muters  or  prioritize  traffic  to  a  business 
Web  site  over  e-mail  exchanges. 

Layer  3  bandwidth  management  lets 
FTTP  networks  support  other  services  as 
well,  such  as  IP  Centrex,  IP  phones,  confer¬ 
encing,  Web-based  call  management  and 
Web-based  subscriber  self-care. 

As  IP  over  Gigabit  Ethernet  has  reached 
maturity  and  all  network  architectures  con¬ 


tinue  to  migrate  toward  ipmore  FTTP  plat¬ 
forms  are  incorporating  Ethernet  technolo¬ 
gy  to  take  advantage  of  various  capital  and 
operational  savings.  Ethernet  components 
are  less  expensive  than  ATM  counterparts 
and  offer  substantial  savings  in  terms  of 
fiber  deployment  and  management  —  two 
more  factors  that  will  help  fuel  the  growth 
of  FTTP  networks. 

Farmer  is  CTO  ofWaue7  Optics.  He  can  be 
reached  at  jim.farmer@w7optics.com. 


Dr.  Internet  By  Steve  Blass 

Can  we  configure  Windows  Update  so  patches  can 
get  installed  automatically  without  users  needing 
administrator  privileges  on  the  system. 

Administrator  privileges  are  required  to  install 
some  Windows  Updates,  but  it  is  possible  to  con¬ 
figure  the  settings  so  updates  are  installed  auto¬ 
matically  without  granting  admin  privileges  to  user 
accounts.  The  key  is  that  the  process  running  the 
installation  needs  administrator  rights.  If  you  log 


on  as  an  administrator  and  configure  Windows 
Update  to  download  and  install  updates  on  a  regu¬ 
lar  schedule,  it  will  run  on  that  schedule  with 
admin  privileges,  and  the  updates  usually  will 
install  without  user  intervention.  To  configure 
Windows  Updates  on  Windows  2000,  open  the 
Automatic  Updates  program  from  the  control 
panel  while  logged  on  as  administrator,  choose  the 
automatic  install  option  and  set  the  schedule 
using  the  dialog  options.  Windows  XP  users  can 


launch  the  configuration  program  by  right-clicking 
'My  Computer'  to  open  the  properties  dialog  and 
choosing  the  ‘Automatic  Updates'  tab.  Once  con¬ 
figured,  the  system  will  automatically  download 
and  install  Critical  Updates  from  Microsoft,  as  long 
as  the  system  is  running  at  the  scheduled  time. 

Blass  is  a  network  architect  at  Change@Work  in 
Houston.  He  can  be  reached  at  dr.internet@ 
changeatwork.  com. 
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Connecting  everything, 
everywhere,  all  the  time. 

Business  and  IT  unite.  HP  IT  Service 
Management  (ITSM)  combines  powerful 
HP  OpenView  software  with  the  know-how 
of  HP  consultants  to  create  a  tailor-made 
IT  infrastructure  that  allows  you  to  measure 
your  return  on  IT— as  you  would  any  other 
business  process.  ITSM  makes  your 
organization  more  responsive,  improves 
your  bottom  line  and  lets  you  turn  change 
to  your  advantage,  all  while  keeping 
business  and  IT  perfectly  aligned. 
www.hp.com/info/itsm 
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Secure  communications  with  SSH,  Part  2 


GEARHEAD 
INSIDE  THE 
NETWORK 
MACHINE 

Mark 

Gibbs 


Last  week  we  began  slicing  and  dicing 
a  protocol  called  Secure  Shell,  which 
not  only  provides  safe  terminal  access 
but  also  gives  you  secure  file  transfer,  pro¬ 
vides  secure  X  connections  and  supports 
secure  forwarding  of  arbitrary  TCP  con¬ 
nections.  As  we  noted,  SSH  is  the  commu¬ 
nications  equivalent  of  a  secure  Swiss 
Army  knife. 

We  concluded  with  the  promise  to  dis¬ 
cuss  a  commercial  SSH  implementation, 
and  that  is  SSH  Tectia  from  SSH  Com¬ 
munications  Security  (www.nwfusion. 
com,  DocFinder:  2775). 

SSH  Tectia  is  a  suite  of  SSH  products  sup¬ 
ported  under  Linux, AIX, Solaris,  HP-UX  and 
Windows. We  must  note  as  an  aside  that  the 
publisher  is  a  Finnish  company  and  we 
can  provide  no  advice  on  whether  the 
product’s  name  should  be  pronounced 
“tekt-ee-ah”  or  “tek-tee-a”  or  “tek-shh.” 

The  heart  of  the  SSH  Tectia  suite  consists 
of  the  Tectia  Server  and  Tectia  Client  prod¬ 
ucts  with  three  optional  add-on  products: 


•  Tectia  Connector,  which  provides  a 
transparent  IP  tunnel  between  a  server  and 
a  client,  and  does  not  require  reconfigura¬ 
tion  of  client  applications. 

•  Tectia  Certifier,  a  public-key  infrastruc¬ 
ture  platform  for  issuing  and  managing  dig¬ 
ital  certificates  in  service  provider  and 
enterprise  environments. 

•  Tectia  Manager,  a  management  console 
that  lets  you  enable,  disable  and  modify  the 
configuration  and  operation  of  all  Tectia 
products  in  your  organization. 

We  tried  out  the  Tectia  Server  and  Client 
under  Windows  2003  and  XP  respectively 
Installation  in  both  cases  was  fast  and 
painless,  and  a  wizard  takes  you  through 
the  public-  and  private-key  generation 
process.  (An  interesting  option  for  Win¬ 
dows  servers  is  the  ability  to  specify  a  pro¬ 
gram  other  than  cmd.exe  as  the  terminal 
provider  application.) 

The  out-of-the-box  defaults  will  provide  a 
completely  functional  system  but  you  will 
want  to  configure  your  SSH  system,  which 
leads  you  into  a  maze  of  authentication 
and  encryption  standards. 

Be  prepared  to  do  some  reading  and 
research  because,  while  the  SSH  Tectia 
documentation  covers  a  lot  of  ground, 
there  is  a  lot  more  security  technology  that 
isn’t  explained. 


The  Tectia  Client  supports  an  IP  tunnel¬ 
ing/VPN  feature  that  is  pretty  easy  to  set 
up.  With  the  Tectia  Client  loaded  you  sim¬ 
ply  point  your  e-mail  and  FTP  clients  to 
talk  to  their  respective  servers  at  “local- 
host”  (127.0.0.1).  The  Tectia  Client  now 
will  proxy  all  requests  to  whatever  desti¬ 
nation  server  to  which  you  are  currently 
connected.  Obviously  if  you  plan  to 
access  multiple  servers  securely  this  is 
going  to  be  a  bit  clumsy 

The  Tectia  Server  and  Client  products 
default  to  using  the  SSH2  protocol  we  dis¬ 
cussed  last  week  but  they  also  can  work 
with  SSH1.  Both  products  are  standards- 
based, which  means  they  can  interoperate 
with  other  products  that  “speak”  SSH.  For 
example,  we  used  the  PuTTY  SSH  free¬ 
ware  client  with  the  Tectia  Server  without 
incident. 

Let  us  digress  for  a  moment  to  note  that 
the  PuTTY  client  (DocFinder:  2776)  is  cool. 
It  is  an  implementation  of  Telnet  and  SSH 
for  Win32  and  Unix  platforms  combined 
with  an  xterm  terminal  emulator. 

PuTTY  includes  Plink,  a  command-line 
SSH  implementation;  PSCP  the  PuTTY 
Secure  Copy  client,  for  secure  file  transfer 
over  SSH  1 ,  and  PSFTP  a  version  of  PSCP 
forSSH2  connections;  and  finally  Pageant, 
an  SSH  authentication  agent  that  stores 


your  decoded  private  keys  in  memory  so 
you  can  use  them  without  needing  to 
enter  the  passphrase. 

For  casual  use  the  PuTTY  client  and 
most  other  freeware  and  shareware  SSH 
clients  and  servers  are  great,  but  the  big 
advantage  of  the  Tectia  suite  is  its  suitabil¬ 
ity  for  enterprise  use  —  it  provides  cen¬ 
tralized  control  and  management  that  is 
vital  if  you  are  looking  at  large-scale 
deployments. 

You  can  find  a  more  comprehensive 
review  of  the  Tectia  SSH  Server  and  Client 
on  Network  World  Fusion  at  DocFinder: 
2777.  We  agree  with  the  conclusions  of 
this  review:  “Tectia  4.0  is  a  commercial- 
grade  SSH  implementation  that  offers  the 
strong  security  features  of  the  SSH  proto¬ 
col  with  a  pretty  rich  set  of  authentication 
and  usability  features.” 

Pricing  for  SSH  Tectia  is  $119  for  the 
Client,  $549  for  the  Linux  Tectia  Server  and 
$679  for  the  Windows  Tectia  Server.  The 
Tectia  Connector  costs  $149, and  the  start¬ 
ing  price  for  the  Tectia  Manager  is  $14,500. 
The  Tectia  Certifier  is  priced  on  applica¬ 
tion.  Also,  note  that  the  source  code  is  pro¬ 
vided  with  the  Unix  version. 

Discuss  your  secrets  with  gearhead@ 
gibbs.com. 


CoolToo 

Quick  takes 
on  high-tech  toys 

By  Keith  Shaw 


The  scoop:  LP-120  Coach  Edition  projector,  from 
InFocus, about  $2,100  (version  without  Coach  leather  car¬ 
rying  case  about  $2,000). 

What  it  does:  A  stylish  and  very  portable  (it  weighs  just 
under  2  pounds)  digital  projector,  the  LP-120  lets  you  take 
your  projector  on  the  road  to  give  presentations  or  hook 
up  to  a  video  source  to  provide  better  projection. 
Technical  features  include  1,000  lumens 
of  brightness,  native  XGA  resolution 
(1,028  by  768  pixels),  an  optical  zoom 
lens  (to  adjust  the  picture  size  without 
moving  the  projector),  and  about  36 
decibels  output.  The  Coach  Edition’s 
leather  case  lets  you  carry  the  projec¬ 
tor  around  in  style. 

Why  it’s  cool:  Having  a  small  and  light¬ 
weight  device  for  your  projection  needs  is 
a  cool  thing;  we’ve  lugged  around  too  many  bulky 
projectors  that  have  strained  our  shoulders,  and  strained 
our  patience  when  trying  to  hook  up  our  laptop.  The  LP- 
120  is  so  small  it  will  fit  into  a  laptop  bag.  It  was  very  easy 
to  set  up  and  get  running,  and  it  has  easy-to-understand 
connection  instructions,  and  power-up  and  power-down 
sequences. Focusing  the  projector, zooming  in  or  doing  the 
keystone  correction  also  was  easy  (although  we  tended  to 
leave  fingerprints  on  the  lens  while  trying  to  focus). 

Grade:  ★★★★  (out  of  five) 


The  scoop:  iBoot,from  Dataprobe,  about  $275. 

What  it  does:  The  iBoot  is  a  network-attached,  IP- 
addressed  and  Web-controlled  AC  power  switch  that  lets 
you  reset  the  power  of  a  device  (such  as  a  home  com¬ 
puter  or  router)  remotely  Take  any  device  you  want  to 
control  (a  single  device  or  power  strip)  and  plug  the 
power  cable  into  the  iBoot,  which  plugs  into  a  standard 
power  outlet. Then  connect  the  iBoot  to  an  Ethernet  net¬ 
work,  and  you’re  up  and  running. 

You  now  can  monitor  any  device  on  that  network  and 
control  the  power  of  a  device  plugged  into  the  iBoot. The 
iBoot  includes  utilities  that  let  you  control  your  device 
through  a  Web  browser,  command-line  interface,  custom 
applications  oi  scripts.  It  also  can  be  controlled  through  a 
ping  utility  or  a“heartbeat  monitor;” software  that  can 
be  installed  on  a  device  to  send  informa¬ 
tion  to  the  iBoot  rather  than 
responding  to  ping 
requests. 


Why  it’s  cool:  In  addition  to  monitoring  computer  and 
network  equipment,  the  iBoot  can  be  used  to  control 
consumer  electronics.  Whether  it’s  for  power  savings  or 
simply  to  ensure  you  remembered  to  turn  off  the  iron  (a 
bit  extreme,  we’ll  admit),  you  easily  can  access  the 
device  via  a  Web  interface  and  turn  the  power  on  or  off 
for  any  device  or  set  of  devices  connected  to  a  power 
strip. 

The  iBoot  also  provides  the  ability  to  use  Windows  plug¬ 
ins  within  other  applications  for  management  purposes. 
We  didn’t  test  this  functionality  although  we  bet  this  fea¬ 
ture  offers  limitless  possibilities  as  to  what  conditions  can 
be  used  to  trigger  the  the  iBoot  and  take  action  on  the 
device  to  which  the  iBoot  is  connected. 

The  iBoot  was  extremely  easy  to  configure,  with  a  Web 
interface  associated  with  the  default  IP  address  or  with 
one  acquired  via  a  Dynamic  Host  Configuration  Protocol 
server.  Once  logged  on,  you  can  assign  it  a  static  IP 
address.  The  password-protected  Web  console  provides 
full  management  of  the  device  and  its  advanced  network- 
based  detection  tools. 

The  ping  and  heartbeat  monitor  utilities 
can  be  set  to  check  as  frequently  as 
desired  and  offer  flawless  reliability. 
The  network-based  tools  provide  flex¬ 
ibility,  not  only  in  detection  of  net¬ 
work  status  but  also  for  the  desired 
action  to  be  taken.  Seven  actions 
can  be  chosen  when  a  change  is 
detected,  including  powering  on  or 
off,  and  waiting  to  hear  for  the  IP  status 
to  return. 

Grade:  ★★★★ 


Shaw  can  be  reached  at  kshaw@ 
nww.com.  Network  World  Senior  Network/Tele¬ 
com  Engineer  Peter  Hebenstreit  contributed  to  this 
column. 


InFocus'  LP-120  pro¬ 
jector  is  small  enough 
to  fit  in  your  laptop 
bag,  and  is  easy  to  set 
up  and  use. 
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Profiles  in  Business  Mobility  #2  I  Versatility 


Why  carry  two  devices  when  you  can 

carry  just  one? 


The  Nokia  6820  Messaging  Device 


I V  If  your  employees  are  often  out  of  the  office  serving  customers,  yet 
they  always  need  to  stay  connected,  the  Nokia  6820  Messaging 
Device  is  the  right  call.  A  full  messaging  keypad  makes  email  fast 
and  easy.  A  color  screen  enhances  readability.  And  because  Nokia  business 
mobility  offerings  go  beyond  phones  to  enable  sophisticated  back-end 
secure  mobile  connectivity,  you  can  give  your  work- 

Nokia  security  appliance 

force  the  advantage  of  mobile  access  to  critical  data  such  as  sales  numbers, 
inventory  levels,  financials,  and  more.  When  you  think  about  it,  with  the 

t  Nokia  6820  Messaging  Device  and  business  mobility  solutions,  who 

needs  an  office?  Email,  voice,  data— even  calendar  and  contacts— 
are  always  right  where  your  people  need  them:  at  their  fingertips. 


I 


Never  in  the  Office  Nora 


Learn  how  to  mobilize  your  team  and  increase  business 
productivity.  Download  “The  Anytime,  Anyplace  World” 
white  paper  at  »nokiaforbusiness.com 


IMOKIA 

Connecting  People 
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ON  TECHNOLOGY 

John  Dix 

Putting  the 
wraps  on 
smelly  phish 

Phishing  is  quickly  becoming  the  single  greatest 

threat  to  corporate  efforts  to  serve  consumers  elec¬ 
tronically,  and  with  good  reason.  Undermining  trust 
in  online  transactions  could  set  the  whole  movement  back 
years  and  negate  the  efficiency  and  cost  gains  that  compa¬ 
nies  have  realized. 

in  May  alone  there  were  nearly  1,200  unique  phishing 
attacks,  according  to  an  industry  association  called  the 
Anti-Phishing  Working  Group  (www.antiphishing.org). 
APWG  says  it  has  400  members,  including  eight  of  the  top 
U.S.  banks  and  four  of  the  top  five  US.  ISPs. 

This  association  is  only  one  of  many  groups  cropping  up 
to  combat  this  scourge.  A  few  weeks  ago  IBM,  Best  Buy  and 
other  companies  in  the  financial,  retail  and  technology 
sectors  formed  the  Trusted  Electronic  Communications 
Forum. 

There  is  a  sense  of  urgency  because  the  phishing  scams 
are  getting  more  and  more  sophisticated.  Consider  this  one 
targeting  Citibank  users  last  week.  Some  customers  got  an 
HTML  e-mail  from  a  spoofed  address, “Citibank  <safe@ 
citibank.com>,” saying, “We  recently  noticed  one  or  more 
attempts  to  log  into  your  Citibank  account  from  a  foreign 
IP  address  . . .” 

Then  it  went  on  to  say  that  “because  user  identification 
on  the  Internet  is  difficult,  Citibank  cannot  and  does  not 
confirm  every  user’s  purported  identity  Thus  we  have  estab¬ 
lished  an  online  verification  system  to  help  you  evaluate 
with  whom  you  are  dealing.The  system  is  called  CitiSafe 
and  it’s  the  most  secure  Citibank  wallet  so  far.  If  you  are  the 
rightful  holder  of  the  account,  click  the  link  below,  fill  (sic) 
the  form  and  then  submit . . .” 

Clicking  on  the  link  opens  the  phish  site  and,  according 
to  the  APWG,  starts  a  Java  script  that  spoofs  the  browser 
address  bar  so  it  looks  like  you’re  connecting  to  a  legiti¬ 
mate  URL. 

The  APWG  labels  this  “one  of  the  most  dangerous  phish¬ 
ing  schemes  so  far” 

According  to  Jerry  Brady,  managed  security  services  chief 
security  officer  for  VeriSign,  advances  in  phishing  schemes 
are  resulting  in  3%  to  5%  success  rates,  up  from  1%  to  2%  a 
year  ago. “These  guys  have  gotten  very  sophisticated,”  Brady 
says.They  profile  their  victims  and  sometimes  survey  them, 
acting  like  a  financial  institution  and  inquiring  about  what 
services  they  want,  their  net  worth  and  whether  they  use 
security  tokens. 

The  best  way  to  fight  back  today  is  educating  customers 
and  shutting  down  phishers  as  fast  as  possible,  but  the 
industry  needs  stronger  authentication  methods  sooner 
rattier  than  later. This  needs  to  be  a  top  industry  priority 


opinions 


Phishing  expedition 

Regarding  “Phear  of  phishing”  (www.nwfusion. 
com, DocFinder:  2822):  I  recently  had  an  experience 
with  phishing,  but  mine  is  a  bit  different  than  those 
in  your  story 

A  woman  called  my  work  phone  number  and  left 
a  message  stating  that  my  name  and  work  number 
had  been  placed  on  her  eBay  PayPal  accounts.  I 
wasn’t  sure  what  she  was  talking  about,  so  1  didn’t 
respond.  Later  I  received  another  phone  call  from 
the  same  woman.  She  said  someone  had  stolen  her 
eBay  PayPal  accounts  and  replaced  her  information 
with  mine.  At  first,  eBay  and  PayPal  didn’t  want  to 
help  her,  but  somehow  she  proved  to  them  who  she 
was  and  that  the  accounts  were  really  hers.  Neither 
she  nor  I  have  any  idea  where  someone  got  my  work 
number;  I  very  rarely  give  it  out.  However,  1  did 
recently  use  the  number  to  buy  airline  tickets  and 
flowers. 

To  make  a  long  story  short,  while  I  was  talking  to 
this  woman  on  the  phone,  someone  broke  into  my 
10-year-old  Hotmail  account.  I’d  never  had  anything 
like  this  happen  before.  She  advised  me  to  call  the 
FBI,  which  then  forwarded  my  call  to  an  identity 
theft  office.  The  woman  at  that  office  told  me  I  was 
the  first  person  to  call  in  and  say  it  was  my  identity 
that  the  phisher  was  using.  She  said  she  had  had  15 
phone  calls  that  morning  before  1 1  a.m.  regarding 
stolen  PayPal  accounts  through  eBay 

I  think  1  figured  out  how  the  phisher  got  into  my 
Hotmail  account.  Earlier  that  morning  I  had  gotten 
an  email  saying, “Here  is  the  password  you  request¬ 
ed.”  It  also  had  a  link.  I  know  1  didn’t  request  the  pass¬ 
word,  but  I  went  to  the  link  anyway  I  also  keyed  in 
the  password  they  had  given  me.  Nothing  happened 
.  .  .  well,  nothing  I  could  see.  Just  another  twist  to 
phishing. 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  editor  in 
chief,  Network  World,  1 1 8  Turnpike  Road,  Southborough,  MA  01772. 
Please  include  phone  number  and  address  for  verification. 


I  won’t  ever  give  out  information  on  the  Web  again. 
I’ll  make  phone  calls  to  order  flowers  from  now  on. 

Teresa  Sheridan 
Clayton,  Mo. 

Playing  it  cool 

Regarding  “Users  also  taking  steps  to  dial  down 
server  heat”  (DocFinder:  2823):  I  own  and  operate  a 
65,000-square-foot  data  center  that  has  an  over¬ 
head  airflow  and  cooling  design.  The  raised-floor 
design  seems  to  have  been  the  standard  for  the  last 
20  years  or  so  in  mission-critical  facilities.  I  am 
interested  in  feedback  from  other  data  center  own¬ 
ers,  operators  and  tenants  that  are  successfully 
cooling  50  to  100  watts  per  square  foot  via  an  over¬ 
head  design. 

I  have  1,600  tons  of  cooling  via  fourTrane  air-side 
chillers,  which  are  needed  only  during  the  summer 
months.  I  have  six  110,000-cubic-feet-per-minute 
Pace  air-handling  units  equipped  with  humidifiers, 
de-humidifiers,  air  economizers,  and  both  supply 
and  return  drives.  The  supply  header  is  as  wide  as 
an  18-wheeler  and  as  long  as  a  football  field.  The 
return  plenum  is  30,000  square  feet.  I’m  getting 
questions  from  users  regarding  the  effectiveness  of 
cooling  from  overhead  that  I  cannot  answer 
because  I  have  no  measuring  stick.  There  are  no 
facilities  like  mine  in  Seattle  that  have  a  similar 
design  and  are  cooling  a  large  server  environment. 

In  September.I  will  host  a  meeting  at  my  data  cen¬ 
ter  in  Bothell,  Wash.  The  topic  will  be  re-commis- 
sioning  idle  data  centers  to  the  2005  standard,  and 
there  also  will  be  an  open  forum  on  overhead  and 
raised-floor  cooling.  Anyone  interested  in  attending 
or  curious  about  the  outcome  of  the  meeting  can 
contact  me  at  moreidy@nexusprop.com. 

Michael  Reidy 
Northwest  regional  manager 
Nexus  Data  Center 
Seattle 


More  online!  www.nwfusion.com  Find  out  what  readers  are  saying  about  these  and  other  topics.  DocFinder  2821 


TVW  FUIU&Q 

Of  THG- 


rO  er> 


—  John  Dix 
Editor  in  chief 
jdix@nww.com 


www.nwfusion.com 


7/12/04 


NetworkWorld 


LEGAL  ISSUES 

Justin  Castillo 

Smart  contracts  make  smooth  flights 

■  ust  as  take-offs  and  landings  are  the  riskiest  parts  of  flying,  the 
_  1  beginning  and  end  are  the  riskiest  parts  of  a  network  service 
agreement.  Fortunately  there  are  ways  to  avoid  some  of  the  most 
common  problems. 

In  the  takeoff  phase,  falling  short  of  minimum  volume  commitments 
is  probably  the  biggest  risk  facing  a  company  that  signs  a  multi-year  net¬ 
work  service  agreement.  Failure  to  generate  adequate  traffic  volume 
quickly  can  make  it  nearly  impossible  to  catch  up  later. 

Transitioning  to  a  new  vendor  can  be  complex  and  slow.  Installation 
delays  can  result  in  lower-than-anticipated  volumes,  which  can  trans¬ 
late  into  shortfalls.  Customers  need  a  transition  plan  just  as  pilots  need 
a  flight  plan.  Requiring  your  vendor  to  generate  such  a  plan  will  help 
you  avoid  shortfalls. 

tions  between  customer  and  carrier  can  be  tense,  and  goodwill  lacking. 
Negotiate  exit  terms  into  your  contract.You  pack  your  parachute  before 
you  leave  the  ground,  not  when  you  hit  turbulence. 

Even  the  most  sophisticated  customers  sometimes  face  shortfalls  at 
the  end  of  their  contracts.  A  work-off  provision  can  help  by  in  effect, 
extending  the  agreement  for  a  few  months.  Such  a  provision  can 
reduce  or  even  eliminate  a  shortfall  while  benefiting  both  parties:  The 
carrier  gets  its  revenue,  while  the  customer  gets  service  in  exchange  for 
its  money  and  avoids  writing  shortfall  checks  for  nothing  in  return. 

Some  carrier  contracts  have  evergreen  clauses  that  cause  them  to 
renew  automatically  if  they  are  not  canceled.  Month-to-month  renewals 
are  fine, even  desirable, but  an  automatic  one-  or  even  three-year  renew¬ 
al  at  stale,  above-market  rates  is  a  telecom  manager’s  nightmare.  Such 

Even  the  most 
sophisticated 
customers  some¬ 
times  face  short¬ 
falls  at  the  end  of 
their  contracts. 

Another  useful  transition  tool  is  a  ramp-up  period.lt  can  run  for  three 
months  to  a  year,  depending  on  the  complexity  of  the  situation.  During 
this  phase,  there  are  no  volume  commitments,  which  lets  the  cus¬ 
tomers  spending  grow  to  appropriate  levels  before  the  commitment 
applies. You  don’t  want  too  long  a  transition  period,  because  in  effect 
that  extends  your  contract. 

Sometimes  customers  overload  the  plane  by  negotiating  commit¬ 
ments  they  cannot  realistically  meet.  This  happens  when  a  customer 
negotiates  reduced  pricing  but  neglects  to  reduce  the  volume  com¬ 
mitment.  If  a  company  that  barely  meets  an  annual  commitment  of  $1 
million  negotiates  a  15%  price  reduction,  it  must  reduce  the  commit¬ 
ment  to  $850,000  or  risk  shortfall. 

The  end  of  a  contract  is  even  riskier  than  the  beginning  for  cus¬ 
tomers,  because  there  is  less  time  to  correct  problems.  Moreover,  rela- 


clauses  can  be  eliminated  during  initial  negotiations. 

The  telecom  equivalent  of  running  out  of  runway  is  failing  to  migrate 
services  before  an  agreement  expires.  After  that,  base  (or  tariff)  rates 
generally  apply  and  they  can  be  several  times  the  contract  rates  they 
replace. The  easiest  way  to  extend  the  runway  is  to  negotiate  a  migra¬ 
tion  clause,  which  permits  customers  to  keep  taking  services  at  con¬ 
tract  prices  for  three  to  six  months  without  additional  commitment. 

A  customer  that  negotiates  solid  contract  provisions,  makes  reason¬ 
able  commitments  and  plans  its  migration  can  expect  a  pleasant  and 
uneventful  flight. 

Castillo  is  a  partner  with  Levine,  Blaszak,  Block  &  Boothby,  a  law  firm 
that  specializes  in  negotiating  telecom  and  technology  agreements  for 
enterprise  customers.  He  can  be  reached  at  jcastillo@lb3law.com. 


ABOVE  THE  CLOUD 

James  Kobielus 


icrosoft's  recent  overtures  to  SAP 
should  come  as  no  surprise  to  anyone 
who’s  followed  either  vendor.  Each 
company  covets  the  other’s  market.  Microsoft 
is  evolving  into  a  more  complete  vendor  of 
ERP  and  other  business  applications.  SAP  has 
become  a  full-fledged  Web  application  and 
integration  platform  vendor,  in  addition  to  strengthening  its  core  ERR 
CRM  and  supply-chain  management  application  suites. 

It’s  also  no  surprise  that  their  discussions  didn’t  result  in  a  merger. 
Tying  the  knot  would  have  required  Microsoft  to  seriously  rethink  its 
commitment  to  its  emerging  Project  Green  next-generation  business 
application  suite.  SAR  for  its  part,  would  have  had  to  turn  its  back  on 
Java  2  Platform  Enterprise  Edition,  on  which  its  mySAP  applications 
and  NetWeaver  Web  services  application  platform  are  built. 

As  it  is,  the  two  vendors  remain  on  friendly  terms  and,  in  fact,  re¬ 
cently  announced  joint  efforts  to  strengthen  integration  between 
their  products.  Microsoft  and  SAP  complement  each  other  more  than 
they  compete.  In  spite  of  its  recent  forays  into  ERRMicrosoft  sees  itself 
primarily  as  an  application  and  integration  platform  vendor.SARfor  its 
part,  continues  to  focus  on  its  core  business  applications  market,  and 
has  only  ventured  into  Web  services  platform  software  to  strengthen 
mySAP 

Truth  be  told,  Microsoft  had  more  to  gain  than  SAP  from  a  merger. 
Over  the  past  two  to  three  years,  Microsoft  has  acquired  vendors  in 
the  small  and  midsize  business  segment  of  the  ERP  market.  However, 
it  has  no  business  applications  that  address  the  needs  of  large  com¬ 
panies,  the  segment  in  which  SAP  is  the  predominant  vendor. 

It’s  probably  best  for  enterprise  customers  that  Microsoft  and  SAP 
didn’t  merge.  The  platform  and  application  markets  have  become 
more  consolidated  over  the  past  several  years,  with  Microsoft  and  SAP 
emerging  as  the  kings  of  their  respective  hills.  Anti-trust  lawyers  every¬ 
where  would  have  jumped  at  the  chance  to  challenge  the  consolida¬ 


Empire-building  not  needed 


tion  of  so  much  market  power  in  a  single  vendor. 

One  suspects  that  Microsoft  and  SAP  entered  into  merger  discus¬ 
sions  to  explore  how  they  might  defend  themselves  from  a  common 
foe,  Oracle.  Oracle  currently  is  embroiled  in  an  attempted  hostile 
takeover  of  PeopleSoft.  If  it  comes  to  pass,  an  Oracle-PeopleSoft  merg¬ 
er  would  challenge  SAP  for  dominance  in  the  business  application 
market.lt  also  could  seriously  set  back  Microsoft’s  efforts  to  break  into 
the  top  tier  of  that  segment. 

The  Microsoft-SAP  discussions  are  an  indicator  of  larger  forces  afoot 
in  the  business  applications  market.  Vendor  consolidation  will  con¬ 
tinue,  even  if  Oracle  comes  up  empty-handed  in  its  pursuit  of 
PeopleSoft.  Microsoft  certainly  will  continue  to  acquire  niche  ERR 
CRM,  SCM  and  other  vendors,  and  to  position  their  wares  in  the 
broader  context  of  Project  Green.  Oracle,  PeopleSoft,  Lawson 
Software,  i2  Technologies  and  others  will  do  likewise. 

Enterprise  customers  watch  all  these  empire-building  maneuvers 
with  trepidation.  Many  users  bet  their  businesses  on  their  strategic 
ERRCRM  and  other  business  applications.Typically, users  intend  these 
investments  to  last  at  least  10  years.  When  business  application  ven¬ 
dors  consolidate,  users  fear  that  the  acquired  vendor’s  product  line 
has  become  a  dead  duck. 

Business  application  vendors  should  keep  the  empire-building  to  a 
minimum.  Instead,  they  should  do  as  SAP  has  done:  evolve  their  prod¬ 
uct  families  away  from  monolithic  architectures  and  toward  more 
thorough  implementation  of  Web  services  standards.  Any  application 
vendor  that  helps  users  extend  their  strategic  investment  through 
standards-based  interoperability  is  providing  real  value.  Any  vendor 
that  upsets  the  industry  apple  cart  through  ill-considered  mergers 
and  acquisitions  is  doing  users  a  disservice. 

Kobielus  is  a  senior  analyst  with  Burton  Group,  an  IT  advisory  service 
that  provides  in-depth  technology  analysis  for  network  planners.  He  can 
be  reached  at  (703)  924-6224  or  jkobielus@burtongroup.com. 
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esh  networks  altewjdeployment  of  large-scale 
wireless  nets  without  ha\7tng-io  physically  link 
access  point  back  to  the  wirecLpetwork. 


BY  JEFF  VANCE 


Funny  thine  about 
wireless  networks, 


they  demand  a  heck  of  a  lot  of  wires.  All  those 
access  points  that  extend  your  network  over  the  air 
are  connected  by  wires  to  the  Ethernet  LAN. 


In  a  building  with  Category  5  already  running  every¬ 
where  or  in  a  confined  location  like  a  coffee-shop  hot 
spot,  the  wiring  issue  might  not  be  such  a  big  deal, 
but  what  happens  when  you’re  faced  with  a  setting 
where  stringing  wires  is  impractical?  Or  what  if  you 
need  to  reconfigure  an  existing  wireless  network  on 
the  fly,  or  if  you  need  to  set  up  a  new  network  in 
response  to  a  time-specific  event?  Or  what  if  you  want 
to  provide  Wi-Fi  to  a  college  or  corporate  campus,  or 
to  a  downtown  area? 

In  these  cases,  wireless  mesh  technology  might  be 
the  answer. 

The  Defense  Advanced  Research  Projects  Agency 
(DARPA)  began  studying  mesh  technology  in  the 
mid-1990s  for  use  in  battlefield  communications. 
Soon  after,  research-and-development  companies 
such  as  SRI  International  began  looking  at  wireless 
meshes,  and  now  a  number  of  start-ups  say  this 


In  a  pure  client  mesh,  every  device  in  the  network, 
including  laptops,  PDAs  and  smart  phones,  can 
pass  along  traffic  for  other  devices,  which  lets  users 
“hop”  through  neighboring  devices  or  wireless 
routers  to  communicate  with  each  other  and  to 
reach  the  wired  network.  This  “multi-hopping” 
capability  creates  a  meshed  network  that  automati¬ 
cally  routes  around  congestion  and  line-of-sight 
obstacles,  while  improving  throughput  as  more 
clients  enter  the  network. 

In  an  infrastructure  mesh,  access  points  and  wire¬ 
less  routers  carry  the  traffic  back  to  the  wired  net¬ 
work.  In  the  infrastructure  camp,  you’ll  find  Tropos, 
Firetide  and  BelAir. 

“In  our  system,  the  clients  don’t  participate  in  the 
mesh  at  all,”  says  Bert  Williams,  vice  president  of 
marketing  for  Tropos  Networks.  “They  attach  to  the 
mesh,  but  the  meshing  itself  is  done  by  infrastruc¬ 


companies  string  together  access  points.  There  is 
one  wired  node  that  provides  backhaul,  with  other 
wireless  nodes  on  the  same  subnet.”  There  are  ben¬ 
efits  to  this,  Howse  says.  The  wireless-mesh  nodes 
provide  better  coverage,  while  also  distributing 
intelligence.  “The  problem  with  this  model  is  that 
you  will  compete  with  Cisco,  Proxim,  Symbol  and 
other  access-point  providers.” 

Fixed-mesh  is  a  cable-replacement  strategy.  For 
example,  Strix  Systems  says  its  main  competition 
comes  from  cable  installers.  “Our  mesh  technology 
allows  for  deployments  of  [wireless]  LANs  in  loca¬ 
tions  where  Ethernet  is  difficult,  expensive  or  even 
impossible  to  run,”  says  Bob  Jordan,  vice  president 
of  marketing  for  Strix. 

Jordan  says  Strix  recently  unwired  the  Central 
Texas  Parole  Violator  Facility  in  San  Antonio.  The 
prison  was  concerned  about  the  difficulty  of 
installing  Ethernet  throughout  the  facility.  With  the 
Strix  solution,  a  few  backhaul  nodes  support  a  large 
network  of  wireless,  access-point-like  nodes  that 
can  be  placed  anywhere  there  is  a  power  outlet. 

Likewise,  Bert  Williams,  vice  president  of  market¬ 
ing  for  Tropos,  says  the  cable-replacement  strategy 
offers  the  most  near-term  opportunity.  "When  you 


technology  will  help  them  transform  the  wireless 
landscape. 

Simply  put,  wireless  meshes  use  a  topology  of 
rydundapt  connections  between  nodes  to  create  a 
self-configuring,  self-healing  network.  Because  very 
few  nodes  need  to  be  wired  into  the  network,  mesh 
networks  .limit  the  need  for  expensive  backhaul 
while  providing  additional  benefits  such  as  dynam¬ 
ic ''6.ptijul^e$.routing  and  automatic  load  balancing. 


Mesh  v$jpesh 

Not  all  ifR{||jS|p|)Ologies  are  created  equal  —  some 
include  cliei^feBjces  in  the  mesh,  most  don’t. 


ture  devices." 

MeshNetworks  and  PacketHop  let  clients  actively 
participate  in  the  mesh,  but  it’s  not  accurate  to  call 
either  of  them  pure  client-mesh  companies.  Instead, 
both  rely  on  infrastructure  nodes  for  the  core  of  the 
mesh  network.  Then,  once  a  mesh  infrastructure  of 
access  points  or  routers  is  in  place,  clients  can  be 
used  to  extend  the  coverage  area,  fill  coverage  gaps 
and  communicate  directly  with  nearby  devices. 

“I  would  actually  split  the  mesh  world  up  differ¬ 
ently,”  says  Michael  Howse,  CEO  of  PacketHop. 
“Rather  than  client  vs.  infrastructure  meshes,  what 
I  see  are  fixed  vs.  mobile  meshes.  The  fixed-mesh 


look  at  a  traditional  WLAN  deployment,”  he  says, 
“you’ll  find  that  90%  of  the  installation  cost  is  direct¬ 
ly  related  to  w'iring.” 

PacketHop’s  Howse  argues  that  fixed-mesh  com¬ 
panies  lack  mobility.  In  a  fixed  mesh,  clients  lose 
sessions  and  must  re-associate  as  they  move  from 
one  access  point  to  another. 

Peter  Stanforth,  CTO  of  MeshNetworks,  says  much 
of  the  problem  with  fixed  meshes  is  that  they  rely  on 
outdated  ideas  from  the  world  of  wireline  meshes. 

The  problem  is  twofold:  First,  the  wireless  medi¬ 
um  is  unreliable  compared  with  a  wired  network. 
When  you  look  at  Internet  routing  protocols,  for 
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California  Dreaming 

In  a  recent  trial,  the  California  Governor’s  Office  of  Emergency 
Services  used  mesh  technology  from  PacketHop  to  create  a 
mobile  network  of  boats,  cars  and  officers  on  foot. 
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example,  they  make  the  assumption  that  the 
underlying  physical  layer  is  very  stable, 
which  is  not  the  case  with  wireless.  Second, 
mobile  devices  are  constrained. 

With  a  power-limited  device,  he  says,  you 
are  always  trying  to  solve  problems  relating  to 
power,  range  and  data  rates.  But  you  can 
solve  only  two  of  the  three  problems.  “For  a 
given  power,  1  can  either  get  high  range  or 
high  throughput,”  Stanforth  says.  It’s  a  classic 
trade-off,  one  that  is  being  played  out  with 
802.11  standards  (802.1  lg  has  better  range, 
while  802.1  la  has  better  throughput). 

Mesh  networks  mitigate  this  problem,  and 
the  mobile  mesh  companies  argue  that  end 
devices  are  the  key  to  balancing  the  range  vs. 
coverage  debate. 

Vendors  also  are  taking  different  approaches 
in  terms  of  whether  their  products  are 
designed  for  indoor  or  outdoor  use.  For  exam¬ 
ple.  BelAir  and  Tropos  are  pitching  “cellular  Wi¬ 
Fi"  for  outdoor  applications,  while  Strix  is  focusing 
on  indoor  deployments. 
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Mesh  vs.  WLANs 

It  would  seem  that  mesh-network  companies  are  on 
a  collision  course  with  WLAN  vendors. 

For  example,  the  city  of  Medford,  Ore.,  recently 
selected  a  wireless-mesh  network  over  a  WLAN  to  give 
public  safety  and  public  works  agencies  mobile  access 
to  voice,  video,  data  and  position-location  services. 
"Most  802.11  wireless  networks  require  the  client  to 
disassociate  and  re-associate  with  access  points  as 
you  travel  through  a  coverage  area,”  says  Doug 
Townsend,  Medford’s  technology  services  director. 
“With  a  [wireless]  mesh,  there  is  no  drop  or  delay  typ¬ 
ical  in  systems  that  require  re-associating.  Mesh  [net¬ 
works]  also  avoid  the  latency  effect  and  decrease  in 


bandwidth  usually  seen  with  most  802.1 1  wireless  sys¬ 
tems  as  you  travel  away  from  access  points.” 

“If  you  look  at  the  WLAN  switch  space,  you  have  two 
approaches,”  Jordan  says.  “Companies  like  Trapeze 
and  Airespace  are  pursuing  thin  access  points  and 
centralized  intelligence,  while  Cisco  believes  in  intelli¬ 
gent,  fat  access  points.  Mesh  companies  offer  a  third 
way,  one  that  can  coexist  with  whichever  architecture 
you  choose.” 

Fie  says  mesh  networks  provide  a  single  point  for 
managing  the  network,  while,  at  the  same  time,  push¬ 
ing  intelligence  out  into  the  network  to  enable  optimal 
routing  and  automatic  load  balancing.  Thus,  if  you 
have  third-party  access  points  and  little  intelligence  in 
a  network,  meshing  adds  intelligence  to  wireless 
nodes.  If  you  have  fat  access  points,  meshing  offers  a 
centralized  point  of  control.  The  real  difference,  then, 


between  the  mesh  and  the  various  WLAN  companies  . 
is  the  wires.  “In  many  sectors,  removing  the  wires  is  . 
key.  Consider  emergency  responders,”  Jordan  says.  “If  : r 
you  have  a  need  for  temporary  workgroups  and  you 
set  them  up  and  tear  them  down  all  the  time,  is  it 
really  feasible  to  run  wires?”  -  ' 

Adds  Ike  Nassi,  CTO  of  Fireti.de  Networks:  "Our 


mesh  solution  sim 


installation.  You  plug  it  in  A-S&g- 
to  AC  power,  and  you’re  done.  Our  mesh  software  is , 
self-configuring  and  self-tuning.  Besides  limiting*-^  m 
costly  wires,  you  eliminate  expensive  site  surveys 


as  well.” 


Vance  is  a  freelance  technology  writer  and  cOnsdfgif. 
who  focuses  on  trends  in  wireless  comnumcdtio ridA 
generation  networking  and  Internet  'infrastructme, 
can  be  reached  at  jwvance@zdbmintermtjiel .  •./£ 
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EMC  CLARiiON®  CHANGES  THE  WAY  YOU  THINK  ABOUT  STORAGE.  Introducing  the  CLARiiON  Disk 
Library.  To  your  applications,  it  looks  and  acts  just  like  a  tape  library.  But  the  performance,  high  availability,  and 
simplicity  are  pure  disk.  You’ll  be  ready  to  go  in  less  than  an  hour.  Shorten  backup  times  by  up  to  30  percent 
And  speed  recovery  by  up  to  90  percent.  To  learn  more,  visit  www.EMC.com/backup.  Or  call  1-866-464-7381. 

Find  an  authorized  EMC  Velocity2  Partner  at  www.EMC.com/velocity. 
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Operating  systems 


We  tested  UnixWare  7. 1 .4  with  both  new 
management  components  and  added 
open  source  applications  to  compare  it 
with  Linux  and  Apple  OS/X  operating  sys¬ 
tems  we’ve  tested  recently 
The  results  were  mixed.  UnixWare  did 
well  in  our  Web  connectivity  and  perfor¬ 
mance  tests,  but  wasn’t  as  advanced  as  its 
Linux  rivals  in  terms  of  its  GUI  and  hard¬ 
ware  discovery  facilities. 


Up  to  running 

We  installed  the  Enterprise  Edition  of 
UnixWare  on  four  different  server  plat¬ 
forms.  The  initial  installation  was  primi¬ 
tive  compared  with  UnixWare’s  Linux 
rivals  SuSE  and  Mandrake.  No  installation 
GUI  was  invoked,  just  colored  text  graph¬ 
ics.  Hardware  detection  also  seemed  a 
difficult  task  for  UnixWare.  As  an  exam¬ 
ple,  UnixWare  could  not  correctly  find  a 
KVM-attached  mouse.  To  bring  up  the 
first  instance  of  the  operating  system,  we 
had  to  plug  a  mouse  directly  to  each 
server. 


Company:  SCO  Group,  www.sco.com 
Cost:  $4,999  for  50-users  license.  Pros: 
Good  overall  performer;  strong  feature 
set  including  Samba,  Apache, 
OpenSSL/OpenSSH  and  OpenLDAP. 
Cons:  Weak  hardware  detection;  relies 
on  open  source  applications  for  modern 
functionality. 


The  breakdown 


Installation/integration  25%  2.0 
Performance  25%  4.0 


Management/administration  25%  3.0 


Security  25%  4.0 


TOTAL  SCORE  3.25 


Scoring  Key:  5:  Exceptional;  4:  Very  good;  3: 
Average;  2:  Below  average;  1:  Consistently 
subpar 


SCO's  UnixWare  measures  up 
with  open  source  additions 


■  BY  TOM  HENDERSON,  NETWORK  WORLD  LAB  ALLIANCE 

With  the  newest  release  of  The  SCO  Groups  UnixWare,  it  could  be  said 
that  this  variety  of  Unix  is  starting  to  look  a  lot  more  like  Linux  —  even 
if  SCO  lawyers  pulled  the  Linux  Kernel  Personality  modules  from  the 
operating  system  during  the  course  of  our  testing  last  month. 


A  common  platform,  the  HP/Compaq 
DL360G3  server  presented  other  prob¬ 
lems  for  the  installation  application, 
which  consistently  could  not  find  the  CD- 
ROM  drive  on  the  server  midway  through 
installation.  SCO  support  advised  a  boot¬ 
time  toggle  that  let  the  drive  successfully 
work  through  installation;  however,  instal¬ 
lation  time  slowed  to  a  crawl  —  more 
than  90  minutes  per  CD  installed.  The 
installation  program  found  multi-CPU 
configurations  correctly  and  offered  opti¬ 
mization  options  for  the  multi-CPU 
chipsets  it  found. 

We  subsequently  downloaded  the 
operating  system  to  other  servers  using 
the  “TCP”  (actually  PXE  server)  installa¬ 
tion  option  that  immensely  speeds  up 
installation  to  multiple  servers. 

The  SCO  Update  service  (not  tested,  as 
no  updates  had  been  issued  at  the  time 
we  tested)  connects  to  the  host  for 
updates  from  the  mothership. 

Installation  options  are  plentiful.  Two 
popular  versions  of  Apache  are  available 
—  1.3  and  2.0.49.  We  tested  the  latter  of 
the  Apache  Web  services  (including 
Apache  Tomcat).  Other  open  source 
applications  are  available, such  as  Samba 
3.0.3,  which  provides  connectivity  to 
Windows  directory  services.  Also  avail¬ 
able  is  SCO’s  older  Advanced  File  and 
Print  Services  that  support  pre-Windows 
2000,  DOS-based  Windows  clients. 

Four  levels  of  security  are  available, 
ranging  from  basic  to  “above  C2”  (a  gov¬ 
ernment  certification  for  certain  types  of 
security  hardening  and  password  func¬ 
tionality).  Instructions  state  that  increas¬ 
ing  the  security  level  above  that  chosen 
at  installation  is  not  possible.  But  it  is  pos¬ 
sible  to  downgrade  security  if  needed.We 
chose  the  highest  grade  for  all  our  tests 
and  found  that  we  needed  to  lower  the 
security  to  enable  certain  functions  such 
as  Secure  Sockets  Layer  and  Secure  Shell 
Version  3  connectivity 

We  used  Internet  Security  Systems’ 
Security  Scanner  7.0  to  find  vulnerabili¬ 
ties  in  UnixWare  when  it  was  running  in 
both  C2  and  “above  C2”  modes.  Both 
selections  passed  muster  with  no  vulner¬ 
abilities  found. 


While  SCO’s  UnixWare  earned  solid  numbers 
in  our  performance  tests,  its  GUI  and  hard¬ 
ware  discovery  tools  are  wanting. 

SCOAdmin  is  an  X-Windows-based 
management  interface  that  administrates 
server  characteristics  (hardware  and  net¬ 
work)  and  user  accounts  and  OpenLDAP 
settings. SCOAdmin  uses  a  tree-like  menu 
system, and  we  found  administration  sim¬ 
ple,  if  superficial,  as  some  applications 
(such  as  Dynamic  Host  Configuration 
Protocol  setup)  lack  needed  options 
such  as  DHCP  forward  referencing. 

Windows  emulation,  provided  by  SCO’s 
neTraverse  Merge  5.3  in  UnixWare,  sup¬ 
ports  Windows  3.1  to  Windows  Millen¬ 
nium  applications.  Windows  NT-specific 
applications  running  under  neTraverse 
usually  don’t  work  well,  and  emulation 
can  load  down  the  CPU(s).  An  installa¬ 
tion  of  Windows  Office  2000  failed,  and 
use  of  Windows  Office  97  ran  unaccept¬ 
ably  high  CPU  utilization. 

The  Rendezvous  protocol,  which  can 
be  used  to  find  printers  and  other 
devices,  isn’t  supported,  but  the  Com¬ 
mon  Unix  Printing  System  is  supported, 
and  we  found  our  Lexmark  710  network 
printer  by  adding  its  IP  address.  Apple 
connectivity  via  Apple  Filing  Protocol 
wasn’t  natively  supported,  and  we  used 
Apple  network  connections  via  Samba 
connectivity 

Performance 

This  is  the  first  time  we’ve  run  our  Spir¬ 
ent  Communications  WebAvalanche 
tests  on  the  dual  CPU  Compaq  DL-360G3 
(see  How  we  did  it,  page  40).  While  we 


can’t  make  a  direct  apples-to-apples  cor¬ 
relation  between  SCO’s  results  and  past 
operating  system  tests  run  on  four-way 
machines,  we  can  deem  UnixWare  a 
strong  performer  overall. 

For  example,  in  our  transactions-per- 
second  test,  which  manipulates  static 
pages,  UnixWare  completed  704  transac¬ 
tion/sec  on  average,  which  is  75%  faster 
than  the  dual-PowerPC  CPU  Mac  Xserve 
running  OS/X  10.3.The  best  numbers  and 
worst  numbers  on  a  four-CPU  platform 
were  1,204  and  994,  respectively 

The  maximum  number  of  open  TCP 
connections  UnixWare  could  sustain  was 
54,208,  which  is  higher  than  the  previous¬ 
ly  tested  Apple  combination. This  began 
to  approach  all  other  operating  systems 
running  on  four-way  machines  that  tally 
open  TCP  connection  rates  between 
68,000  and  87,000  maximum  open  TCP 
connections. 

In  our  maximum  TCP  connections  per 
second  test,  UnixWare  could  maintain 
972  connections  to  Apple’s  616,  but  fell 
down  by  comparison  to  SuSE  Linux  and 
Windows  2003  Enterprise  Server  on  the 
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fourCPU  platform.  The  implication  here  is 
that  Apache  runs  quickly  on  UnixWare  and 
the  network  subsystem  can  sustain  many 
option  connections  but  doesn’t  connect 
and  release  connections  quite  as  quickly 
as  the  competition. 

Hardware  driver  selection  also  had  a 
strong  bearing  on  file  I/O  performance. 
Once  we’d  changed  the  UnixWare-picked 
disk  driver  for  the  HP/Compaq  DL360G3, 
we  achieved  strong  single-drive  and  inter¬ 
drive  performance  at  65M-bit/sec  single 
and  68M-bit/sec  inter-drive.  UnixWare  also 
has  emergency  recovery  support  for 
Integrated  Drive  Electronics, SCSI  and  cer¬ 
tain  removable  drives,  but  this  feature 
wasn’t  tested. 

But  overall,  UnixWare’s  performance  in 
our  tests  was  very  good. 

Documentation 

Documentation  consists  of  CD-based 
HTML  files,  and  various  ‘readme’  and 
release  notes.  Seven  languages  are  sup¬ 


ported,  but  only  single-byte  characters  are 
supported  in  many  applications,  leaving 
double-byte  (especially  Asian  language) 
support  for  the  future.  The  online  docu¬ 
mentation  explains  many  of  the  SCO-pro¬ 
vided  applications  but  is  light  on  specific 
Windows  emulation.  These  documents 
and  updates  are  also  available  on  SCO’s 
Web  site. 

in  all 

We  found  UnixWare  to  have  an  applica¬ 
tions  list  that’s  comparable  to  its  Linux 
peers  and  Apple’s  latest  server  operating 
system.  But  overall,  the  Linux  systems  tested 
know  the  underlying  hardware  better  and 
present  a  GUI  more  readily  than  UnixWare. 
Additionally  while  UnixWare  is  a  decent 
performer,  UnixWare  could  have  tighter  ties 
with  its  open  source  add-ins. 

Henderson  is  principal  researcher  for 
ExtremeLabs,  of  Indianapolis.  He  can  be 
reached  at  thenderson@extremelabs.com. 


®  How  We  Did  It 


We  installed  UnixWare  7.1.4  on  four  different  server  platforms:  HP/Compaq 
DL380G3  (twin  3-GHz  CPU,  1G  byte  dynamic  RAM,  internal  Compaq  Smart 
Array/SCSI  drive),  Micron  MCP  Servers  (twin  3-GHz  Intel  CPUs;  2G  byte 
DRAM;  internal  Advanced  Technology  Attachment  drive)  Compaq  DL780  (twin  733- 
MHz  CPUs;  2G  byte  DRAM),  and  a  generic/white- box  server  (an  ASUSTek 
Computer  motherboard;  500-MHz  front-side  PCI  bus;  SMC  Networks  Gigabit 
Ethernet,  Western  Digital  ATA  drive).  No  special  hardware,  vendor-supplied  drivers 
or  settings  were  used  for  any  of  the  platforms,  except  where  noted. 

We  used  Spirent  Communications  WebAvalanche  3.0  software  through  a  Gigabit 
Ethernet  switch  (D-Link)  to  test  Web  performance  using  a  series  of  three  tests. 

The  first  Web  performance  test  emulated  static  Web  page  downloads  and  the 
number  of  transactions  that  can  be  sustained  by  Apache  Web  server  on  UnixWare 
per  second.  The  second  test  involved  the  number  of  sustained  Port  80  Web  server 
connections  per  second.  It  emulated  the  number  of  aggregate  users  per  second  \ 
that  one  network  interface  card  can  handle  until  no  more  can  be  handled  and 
more  than  5%  errors  are  shown.  The  third  test  showed  the  maximum  number  of 
connections  that  can  be  achieved  per  second  to  a  Web  server  page. 

No  special  tunings  or  settings  changes  were  made  from  the  default.  The  settings 
and  tests  used  were  the  same  as  we've  used  in  testing  Windows  2003  Enterprise 
Server,  Apple  OS/X  2.3  ‘'Jaguar"  and  OS/X  3.02-” Panther,"  NetWare  6.5  and  others. 


LANsurveyor  8.5  for  Windows 


■  BY  PAUL  FERRILL 

With  the  complexities  of  today’s  network 
environment,  it’s  always  good  to  have  an 
understanding  of  the  basic  layout  of  your 
network.  Neon  Software’s  LANsurveyor  8.5 
for  Windows  provides  the  network  map 
you  need,  and  some  desktop  manage¬ 
ment  and  basic  security  tools. 

The  software  includes  a  network  map¬ 
ping  tool  and  client  software  that  it  calls 
Neon  responder.  You  don’t  need  to  install 
the  Neon  responder  client  for  basic  net¬ 
work  mapping,  although  the  management 
functions  do  require  it. 

Navigating  through  a  large  network  map 
with  this  product  to  find  a  specific  node  or 
device  might  be  difficult  without  a  way  to  fil¬ 
ter  or  search.  To  help  with  this  issue, 
LANsurveyor  includes  a 
navigation  pane  for  dis¬ 
playing  map  items  in  a 
hierarchical  tree  view. 

Graphical  display  options 
include  linear,  symmetri¬ 
cal  and  circular.The  linear 
option  displays  devices  on 
the  same  subnet  connect¬ 
ed  to  a  continuous  straight 
line,  while  symmetrical 
and  circular  use  a  round 
display  for  grouping.  You 
even  can  save  a  copy  of 
your  map  in  several  image 
formats  including  JPEG, 

Windows  Bitmap  or 
Enhanced  Metafile 
(EMF).  Microsoft  Visio  will 
directly  import  EMF  files 
to  allow  further  editing. 

Another  feature  directly 
related  to  creating  a  map 


is  the  poll  list.  A  poll  list  includes  routers 
and  other  map  objects  that  LANsurveyor 
polls  at  a  user-defined  rate.  Using  the  poll 
list,  we  really  liked  being  able  to  keep  tabs 
on  the  status  of  key  network  components, 
along  with  performance  statistics. 

Neon  doesn’t  market  LANsurveyor  as  a 
desktop  management  tool,  but  it  does  pro¬ 
vide  the  same  functions  as  you  might  find 
in  products  such  as  LANdesk  or  Microsoft’s 
System  Management  Server.  Functions 
include  system  shutdown  or  restart,  syn¬ 
chronize  clocks,  send  file  or  folder,  send 
instant  message, store  notes  about  a  specif¬ 
ic  node, stop  a  running  process  and  launch 
an  application. Other  features  include  hard¬ 
ware/software  inventory  and  software 
metering. 

On  the  hardware  inventory  side,  LAN¬ 


surveyor  had  a  little  trouble  with  our  hyper- 
threaded  server  box.  It  reported  four  CPUs, 
when  we  only  had  two.  For  software  inven¬ 
tory  LANsurveyor  did  a  pretty  good  job, 
although  some  items  were  ambiguous. One 
example  was  five  entries  titled  “Microsoft 
Office  2003,”with  five  different  version  num¬ 
bers  but  no  indication  as  to  what  part  of 
Office  (such  as  Word  or  Excel)  they  repre¬ 
sented.  Software  metering  simply  lists  all 
the  running  processes,  although  you  can  fil¬ 
ter  by  name. 

A  continuous  scan  add-on  to  the  basic 
version  delivers  a  security  tool  for  intrusion 
detection.With  more  companies  deploying 
wireless  access  points,  the  need  to  detect 
rogue  nodes  on  the  network  becomes  even 
more  important.  Continuous  scan  uses  an 
existing  LANsurveyor  map  as  the  baseline 
for  the  network,  and  then 
looks  for  new  nodes. 

Newly  detected  nodes 
show  up  in  a  threat  list. 
Information  for  each  newly 
detected  node  includes 
modified  time,  name,  con¬ 
nection  status,  authentica¬ 
tion  (via  SNMP  community 
string  or  Neon  responder), 
IP  address,  media  access 
control  address  and  hub/ 
switch  name  and  port 
number.  LANSurveyor  as¬ 
sumes  that  any  newly 
detected  node  that  doesn’t 
have  the  client  software 
installed  (or  with  an  un¬ 
known  SNMP  community 
string)  doesn’t  belong  on 
the  network.  For  legitimate 
new  nodes,  you  can  up¬ 
date  the  baseline  map  with 


LANsurveyor  8.5 


Neon  Software 

www.neon.com 

Cost:  $495  for  basic  software  (20  clients 
—  Neon  Responder);  $995  for 
Workgroup  Edition  (100  clients); 
$12,500  for  Enterprise  Edition 
(unlimited  clients  and  Continuous 
Scan  option).  Continuous  Scan 
add-on  costs  $295  for  non¬ 
enterprise  versions. 

Pros:  Detailed  map  of  all  devices 
connected  to  a  network. 

Cons:  Some  inventory  information 
incorrect  or  ambiguous. 


the  new  information. 

If  you  use  managed  hubs  or  switches  in 
your  network,  the  software  also  can  auto¬ 
matically  disconnect  unauthenticated 
nodes,  denying  access  to  the  network.  To 
enable  this  feature, you  need  the  read/write 
community  string  for  the  hubs/switches 
you  want  to  monitor. 

LANsurveyor  is  a  great  tool  for  docu¬ 
menting  your  network,  regardless  of  the 
size. With  the  client  software  installed  it  also 
provides  a  few  desktop  management  tools. 
While  they  don’t  match  up  with  some  of 
the  bigger  named  products,  the  desktop 
management  tools  do  let  you  accomplish 
some  of  the  basic  tasks.  Throw  in  the  con¬ 
tinuous  scan  product,  and  you  also  get  a 
first-line  security-monitoring  tool.  Not  a  bad 
deal  for  the  price. 

Ferrill  is  a  freelance  reviewer  and  writer 
in  Lancaster,  Calif.  He  can  be  reached  at 
paul.  ferrill@verizon.  net. 
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SEPTEMBER  8-10  |  LA  JOLLA,  CA  |  THE  LAUNCHPAD  FOR  A  WIRELESS  WORLD 


DEMOmobile  is  the  one  event  that  lets  you  seize  tomorrow's 
wireless  and  mobile  advances  before  anyone  else.  And  if  you're 
among  the  first  to  register,  you'll  save  $500,  so  act  now. 

This  event  has  grown  to  be  a  must  for  business  leaders,  VCs 
and  the  press.  Hundreds  of  companies  vie  for  the  chance  to 
launch  here,  but  only  the  most  significant  and  potentially 
profitable  make  the  cut.  Real  products  and  technologies  ready 
for  deployment  -  and  you'll  see  them  first. 


What's  more,  we've  assembled  an  A-list  of  industry  leaders  who 
will  give  real-world  context  to  these  innovations.  Just  a  few  of 
our  featured  speakers  include: 

•  Jeffery  K.  Belk,  SVP,  Marketing,  QUALCOMM 

•  Rajeev  Chand,  Senior  Equity  Analyst,  Wireless,  Rutberg  &  Co. 

•  Douglas  Gardner,  Executive  Director,  AOL  Mobile 

•  Michael  Masnick,  President,  Techdirt  Inc. 


Register  today!  $1,495  now.  $1,995  after  July  26. 
www.demomobile.com/M4A2S 


www.demomobile.com  |  1  -800-643-4668 
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Security  auditing  tools 


Pedestal  aids  in  security  enforcement 

Nm  BY  MANDY  ANDRESS,  NETWORK  WORLD  LAB  ALLIANCE 

o  corporate  security  policy  is  effective  without  enforcement,  and  enforce¬ 
ment  requires  compliance  checks.  Pedestal  Software’s  Security- 
Expressions  3. 1  is  an  agentless  product  that  audits  systems  based  on  a  pre¬ 
defined  set  of  rules,  letting  organizations  easily  identify  computers  and  other 
devices  that  do  not  conform  to  a  defined  corporate  security  policy 


In  our  tests,  we  found  that  its  flexibility 
and  ease  of  use  make  this  product  a 
strong  tool  for  automating  security  com¬ 
pliance  reviews  in  an  enterprise  network. 

The  SecurityExpressions  installation  is 
a  simple  process  that  uses  the  standard 
Windows  installer  technology.  Once 
installed,  it  can  be  used  as-is,  with  a 
stand-alone  console  that  can  reside  on 
just  about  any  Windows  system.  Or  you 
can  use  distributed  consoles  and  have  all 
data  logged  to  a  central  database. 
SecurityExpressions  is  easily  configured 
to  record  data  into  an  Open  Database 
Connectivity  enterprise  database, such  as 
Oracle. 

SecurityExpressions’  value  lies  in  its 
security  policy  (.sif)  files,  which  com¬ 
prise  the  technology  that  lets  organiza¬ 
tions  automate  security  policy  compli¬ 
ance  checks.  SecurityExpressions 
includes  .sif  files  that  outline  security 


Results 


OVERALL  RATING 


SecurityExpressions  3.1  WL 


Company:  Pedestal  Software, 
www.pedestalsoftware.com  Cost:  $29 
per  desktop  and  $695  per  server.  No 
charge  for  the  management  console. 
Pros:  Very  intuitive  and  easy  to  use; 
immense  flexibility  for  audit  definition. 
Cons:  Console  can  run  only  on  Windows; 
unresponsive  scans  hang;  needs 
improved  timeouts. 


The  breakdown 


Policy  definition  30% 
Policy  compliance/remediation  30% 


Ease  of  use  20%  4.0 


Reporting  20% 
TOTAL  SCORE 


4.0 


4.3 


best  practices  and  guidelines  that 
Microsoft,  The  SANS  Institute,  The 
National  Institute  of  Standards  and  Tech¬ 
nology, The  National  Security  Agency  and 
the  Department  of  the  Navy  have  pub¬ 
lished.  These  policy  files  check  registry 
keys,  file  permissions  and  account  pass¬ 
words  against  the  set  policies.  Additional 
.sif  files  reflecting  other  policies,  such  as 
SANS  Linux  guidelines  and  Windows 
Service  Packs,  are  also  available  online 
for  free  for  registered  customers. 

Within  the  console,  administrators  can 
view  the  details  of  each  specific  check 
the  policy  files  perform.  SecurityExpres¬ 
sions  is  very  flexible  in  that  these  checks 
can  be  modified  to  fit  an  organizations 
requirements.They  also  can  be  copied  to 
a  new  policy  file  if  an  administrator 
wants  to  create  a  custom  policy  Ad¬ 
ministrators  can  import  a  Windows 
Group  Policy  file  that  SecurityExpres¬ 
sions  then  can  translate  into  a  .sif  file  for 
audit  checks. 

SecurityExpressions  audits  Windows 
systems  themselves  using  Windows  Net¬ 
working  tools  such  as  admin  shares  and 
remote  registry  files.  SSH  Version  2  con¬ 
nections  are  used  for  Unix/Linux  systems 
where  authentication  can  be  standard 
password  authentication  or  RSA  Security 
public  key.  An  agent  is  available  for  sys¬ 
tems  that  have  stricter  security  re¬ 
quirements,  such  as  those  that  cannot 
run  remote  registry  or  file  sharing.  The 
product  also  can  schedule  audits  to  run 
automatically 

In  addition  to  auditing,  SecurityEx¬ 
pressions  includes  remediation  function¬ 
ality  to  fix  identified  issues  or  systems  not 
in  compliance  with  a  defined  policy 
These  fixes  can  be  easily  deployed  with  a 
mouse  click  but  need  to  be  used  with 
caution  on  production  systems,  as  any 
change  has  the  potential  to  disrupt  a  pro¬ 
duction  environment. 

SecurityExpressions  includes  a  Win¬ 
dows  patch  policy  so  this  product  could 
be  used  for  patch  management. 

Each  deployed  fix  can  be  logged,  but 
this  is  not  enabled  by  default.  Once  log¬ 
ging  is  enabled,  rollback  for  deployed 


How  We  Did  It 


We  installed  SecurityExpressions  on  a  generic,  Intel-based  2-GHz,  2G- 
byte  RAM  system  running  Windows  2000  Server  and  a  1. 2-GHz,  512M- 
byte  RAM  laptop  running  Windows  XP  Professional. 

We  scanned  five  Windows  systems  and  three  Linux/Unix  systems  with  a  vari¬ 
ety  of  policies  from  each.  We  also  scanned  three  Windows  and  two  Linux/Unix 
systems  that  resided  on  a  network  in  a  remote  office  via  a  VPN  tunnel.  We  also 
scanned  systems  in  the  local  network  that  were  part  of  a  different  Windows 
domain. 

We  then  imported  a  group  policy  into  SecurityExpressions  and  created  our 
own  custom  policy  file  to  run  against  systems  in  our  Windows  domain. 


fixes  is  simple.  SecurityExpressions  just 
reverses  the  original  change  when  the 
administrator  selects  the  rollback  action, 
usually  after  a  change  introduces  an 
adverse  effect  into  the  environment. 

For  reporting,  SecurityExpressions  in¬ 
cludes  a  Crystal  Reports  engine  and  a 
number  of  default  reports  ranging  from 
full  scan  details  to  high-level  trends.  For 
report  creation,  administrators  can  select 
scan  results  and  machines  to  include  in 
the  report.  You  can’t  create  your  own 
report  templates,  though. 

We  encountered  a  few  issues  with  the 
console  crashing  or  consuming  100% 
CPU  utilization. This  occurred  when  we 
audited  systems  that  resided  in  a  differ¬ 
ent  physical  location  and  needed  to 
scan  over  a  WAN  connection,  audited 
systems  in  a  different  Windows  domain 
than  the  console  resided,  and  shut¬ 
down/rebooted  a  system  in  the  middle 
of  a  scan. The  CPU  utilization  issue  only 
surfaced  on  the  laptop.  The  Windows 
server  did  not  have  any  CPU  issues,  but 
the  console  hung  and  required  a  forced 
process  termination. 

SecurityExpressions  includes  a  distrib¬ 
uted  proxy  functionality  which  should  be 
used  for  auditing  systems  in  a  remote 
office.  It  should  include  better  timeout 
parameters  in  all  of  its  checks. The  weak 
password  policy  includes  a  timeout  on 
non-response,  but  not  all  policies  include 
this  functionality 

Overall,  we  can  say  that  Security- 
Expressions  helps  companies  customize 


and  automate  security  compliance 
checks  in  line  with  their  policies. With  the 
growing  security  compliance  require¬ 
ments,  this  is  no  small  accomplishment. 

Andress  is  president  of  ArcSec  Tech¬ 
nologies,  a  security  company  focusing 
on  product  reviews  and  analysis.  She 
can  be  reached  at  mandy@arcsec.com. 


make  network  management  simple  and  affordable.  You'll  save  on  deployment  time  too,  thanks  to  this  ready-to-go  package.  Sure,  modular  design 
leaves  room  to  expand  later,  but  HP  Blade  Servers  can  also  make  a  big  impact  on  your  total  cost  of  ownership  in  the  meantime.  Our  management 
software  boosts  productivity  and  cuts  reconfiguration  efforts  from  days  to  minutes.  And  because  your  time  is  money,  the  BL20p  features  fully 
redundant  technologies  to  reduce  costly  downtime.  While  our  #1  ranking  in  lntel*-based,  server-customer  satisfaction  is  one  reason  we  recently  became 
the  first  to  sell  over  1 00,000  blade  servers,  there's  more  than  one  reason.  You  also  get  the  advice  and  support  of  HP  and  our  local  partners— well 
before  and  long  after  you  buy.  Even  when  you  buy  at  more  than  30%  off. 


Save  33% 

Get  the  HP  ProLiant  BL20p  bundle, 
and  you'll  save  big  compared  to 
the  cost  of  buying  the  two  servers 
and  accessories  separately. 


HP  PROLIANT  BL20p  BLADE 
SERVER  BUNDLE 


$8,999 


Lease  for  as  low  as 

$375  a  month 


(2)  BL20p  Blade  Servers 
Each  Blade  Server  includes: 

-  (2)  Intel*  Xeon™  processors  3.06GHz-512k 

•  (3)  10/100/1000  NICs  +  (1)  10/100  iLO  NIC 

-  1GB  DDR  memory2 
p-Class  blade  enclosure 

p-Class  single  phase  power  enclosure 
with  2  power  supplies 
Mini  bus  bar  kit 

(8)  Rapid  Deployment  Pack  licenses 


invent 


Download  information  about  HP  Blade  servers. 

Read  a  white  paper  highlighting  total  cost  of  ownership  and  the  Factiva  and 
iSource  case  studies  demonstrating  ROI. 

CALL 

1-877-726-8112 

CLICK 

hp.com/go/blades9 

VISIT 

your  local  HP  reseller 
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In  the  firing  line 

When  you  have  to  let  an  employee  go,  take  steps  to  make  the  termination  process  less  painful. 


■  BY  LINDA  LEUNG 

You  feel  sick  to  your  stomach.Your  palms  are  sweaty,  and  you’ve  been  up  half  the  night 
with  the  words  “Effective  today,  your  position  in  the  company  has  been  terminated” 
swirling  around  in  your  head.  When  you’re  the  manager  who  hires  IT  professionals, 
someday  you  might  be  called  upon  to  fire  them. 


How  do  you  make  the  employee  termination  as  quick 
and  as  painless  as  possible  for  both  sides?  Whether  you’re 
letting  someone  go  because  of  misconduct,  poor  perfor¬ 
mance  or  company  restructuring,  here  are  a  few  golden 
rules  to  follow. 

1.  Keep  good  records. 

If  misconduct  is  the  reason  for  the  dismissal,  be  sure  to 
document  the  warnings  the  employee  received.  Some  cor¬ 
porate  policies  say  the  individual  should  receive  one  ver¬ 
bal  warning,  one  written  warning  if  another  incident 
occurs  and  termination  after  the  third  incident. 


Robert  Morgan,  president  of  the  employment  solutions 
practice  at  staffing  and  outplacement  provider  Spherion, 
counsels  against  using  the  three-strikes  approach.  “It  may 


not  be  appropriate  if,  say,  the  employee  was  rude  to  a  cus¬ 
tomer  —  that  would  be  an  immediate  termination,” he  says. 

If  warnings  are  given,  particularly  if  the  cause  is  perfor¬ 
mance-related,  be  sure  to  document  the  job  specification, 
where  the  individual  is  falling  short, and  how  and  by  when 
the  improvements  should  occur.  Give  a  copy  of  the  docu¬ 
ment  to  the  employee,  and  let  him  know  when  the  next 
review  date  will  be. 

2.  Pick  the  proper  time  and  place. 

The  best  time  to  terminate  a  worker  is  at  the  beginning  of 
the  week,  according  to  experts.  “You  want  him  to  have  a 
business  day  to  recover^  says  Duncan  Mathison,  senior 


consultant  at  outplacement  firm  DBM.“If  you  tell  him  on  a 
Friday  he’ll  spend  the  weekend  stewing.” 

Morgan  agrees  and  says  a  weekday  firing  also  lets  man¬ 
agers  explain  to  the  rest  of  the  staff  what  has  happened 
and  how  the  workload  will  be  distributed. 

Schedule  the  termination  meeting  to  occur  when  are  few 
people  are  around,  such  as  early  in  the  morning  or  at 
lunchtime.  It  also  should  take  place  in  a  neutral  room, 
preferably  close  to  a  building  exit,  Morgan  says.  If  you  con¬ 
duct  the  discussion  in  your  office,  the  employee  might  feel 
reluctant  to  leave  the  room,  and  if  it  takes  place  in  the 
employee’s  office,  that  person  would  feel  awkward  after 
you  walk  away 

3.  Plan  the  participants  and  the  dialogue. 

The  direct  manager  should  conduct  the  meeting.“If  man¬ 
agers  can’t  terminate  as  well  as  hire,  they’ve  lost  respect  of 
their  team,”  Morgan  says.  Don’t  pass  the  buck  to  a  human 
resources  representative,  whose  role  is  to  sit  in  on  the  meet¬ 
ing  to  provide  support  and  be  ready  to  answer  questions 
about  benefits  the  company  might  owe  to  the  employee. 

When  delivering  the  news,  Mathison  says,  to  cover  what’s 
happening  and  why,  the  effective  date  of  termination,  an 
affirmation  that  there  is  no  alternative  and  an  expression  of 
condolence. 

If  you’re  dismissing  an  employee  who  has  failed  to  meet 
project  deadlines  despite  several  warnings,  you  might  say 
“We’ve  talked  with  you  several  times  of  our  needs  and 
asked  you  to  meet  deadlines,  but  we  have  not  seen  any 
improvements.  Effective  today,  we  are  relieving  you  of  your 
duties.  Sorry  but  today  is  your  last  day  with  the  company 
There  is  no  alternative.” 

Then  fall  silent.  Don’t  defend,  justify  or  argue  the  deci¬ 
sion.  Listen  carefully  to  the  reaction  and  repeat  the  script. 

if  the  worker  asks  to  speak  to  a  senior  manager  say  that 
the  senior  manager  knows  of  the  decision  and  repeat  the 
script.  If  the  employee  asks  who  else  is  affected,  say  that 
you  appreciate  his  concern  for  fellow  colleagues  but  that 
you’re  there  to  discuss  him  and  no  one  else. 

“If  [the  employee]  is  getting  angrier  it  means  that  you’re 
justifying”  Mathison  warns. 

Wait  until  the  employee  asks  about  the  next  step  or  about 
severance  packages  —  that’s  your  cue  that  he  understood 
the  message.  If  the  worker  doesn’t  bring  it  up,  ask  if  he  is 
ready  to  discuss  the  next  step. 

The  individual  should  walk  away  knowing  what  the  next 
stage  is,  whether  there  will  be  an  outplacement  agency  on 


hand  and  if  he  will  be  paid  for  unused  vacation  time  or 
other  benefits.  This  information  should  be  spelled  out  in 
the  termination  letter. 


4.  Arrange  the  exit. 

Many  tales  have  been  told  of  just-fired  employees  being 
marched  out  of  the  building  by  security  guards  and  carry¬ 
ing  their  possessions  in  a  cardboard  box.  Remember  the 
goal  is  to  treat  everyone  with  respect  and  professionalism, 
so  experts  advise  against  using  security  guards,  even  for 
misconduct  dismissals. 

If  an  escort  is  necessary,  have  an  HR  representative  do  it. 
Also,  give  the  worker  choices:  Does  the  IT  professional  want 
to  collect  his  possessions  now  or  later? 

5.  Head  off  litigation. 

“Whether  or  not  you  are  sued  depends  on  how  you 
manage  the  exit,"  says  Mathison,  who  believes  that  there 
are  two  reasons  why  former  employees  sue:  for  money  or 


because  they  weren’t  given  help  to  look  for  another  job. 
“'I'm  sorry  are  two  simple  words.  Express  condolence. 
Have  compassion. 

“Whether  or  not  you  win  [a  wrongful  dismissal  case] 
depends  on  whether  you  have  the  documentation,”  he 
adds.  ■ 


ILLUSTRATIONS  NOAH  Z  JONES 


www.nwfusion.com 


E-mail  Newsletter  Showcase 


7/12/04 


SECURITY  NEWSLETTER 

Turning  back 
the  clock 

Professor  proposes  a  better  log  to 
replay  computer  events. 

■  BY  M.  E.  KABAY 

Many  readers  already  know  about 
the  new  Automated  System  Re¬ 
covery  feature  of  Windows  XPThe 
system  keeps  a  log  file  with  records  of  all 
changes  to  disk  at  specified  times  or  after 
specified  events.The  log  files  enable  you, 
in  theory,  to  revert  to  a  previous  state  of 
your  hard  disk(s),  thus  reversing  the 
effects  of  bad  installations,  harmful  soft¬ 
ware  or  some  kinds  of  hardware  acci¬ 
dents. 

Wouldn’t  it  be  wonderful  to  be  able  to 
log  more  than  a  static  copy  of  your  hard 
disk  at  specified  times  so  that  you  could 
actually  replay  events?  Such  functionality 
would  be  invaluable  in  forensic  investiga¬ 
tions  of  attacks  on  systems  or  in  analyzing 
accidents  causing  harm  to  data  or  config¬ 
uration.  Knowing  the  details  of  such 
changes  could  greatly  improve  the 
chances  of  correcting  the  damage  and 
developing  methods  for  fighting  similar 
attacks. 

Professor  Peter  Chen  of  the  Advanced 
Computer  Architecture  Laboratory  at  the 
University  of  Michigan  has  proposed 
using  a  virtual  machine  called  ReVirt  to 
log  all  significant  events  to  disk,  permit¬ 
ting  not  only  reversion  to  any  given  point 
in  time,  but  also  replay  of  the  events  in  a 
computer  attack.  Chen  estimates  that  a 
lOOG-byte  hard  disk  could  easily  store  sev¬ 
eral  months’  worth  of  log  files  with  mini¬ 
mal  overhead.  Chen  and  his  colleagues 
published  an  article  whose  abstract  is  as 
follows: 

“Current  system  loggers  have  two  prob¬ 
lems:  they  depend  on  the  integrity  of  the 
operating  system  being  logged,  and  they 
do  not  save  sufficient  information  to 
replay  and  analyze  attacks  that  include 
any  non-deterministic  events.  ReVirt 
removes  the  dependency  on  the  target 
operating  system  by  moving  it  into  a  vir¬ 
tual  machine  and  logging  below  the  vir¬ 
tual  machine. This  allows  ReVirt  to  replay 
the  system’s  execution  before,  during,  and 
after  an  intruder  compromises  the  sys¬ 
tem,  even  if  the  intruder  replaces  the  tar- 
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get  operating  system.  ReVirt  logs  enough 
information  to  replay  a  long-term  execu¬ 
tion  of  the  virtual  machine  instruction-by- 
instruction. This  enables  it  to  provide  arbi¬ 
trarily  detailed  observations  about  what 
transpired  on  the  system,  even  in  the  pres¬ 
ence  of  non-deterministic  attacks  and  exe¬ 
cutions.  ReVirt  adds  reasonable  time  and 


space  overhead.  Overheads  due  to  virtual¬ 
ization  are  imperceptible  for  interactive 
use  and  CPU-bound  workloads,  and  13  — 
58%  for  kernel-intensive  workloads. 
Logging  adds  0%-8%  overhead,  and  log¬ 
ging  traffic  for  our  workloads  can  be 
stored  on  a  single  disk  for  several  months.” 

(Full  text  in  PDF  available  free  for  ACM 


Digital  Library  subscribers  or  by  online 
purchase,  for  $5.) 

I  am  looking  forward  to  hearing  more 
about  Professor  Chen’s  work  and  hope 
that  it  will  lead  to  products  that  we  will 
be  able  to  use  easily  and  well  in  analyz¬ 
ing  and  defending  against  damage  to 
our  systems.  ■ 


All  this  just  to 
monitor  the  status 
of  your  servers? 


Increase  server  uptime  without  wasting  YOUR  time. 


Monitoring  the  status  of  your  servers  isn’t  supposed  to  be  a 
challenge.  It’s  supposed  to  be  fast  and  easy— and  with  our 
powerful  new  ServerVision™  server  monitoring  software,  it  is. 

Easy,  powerful  server  and  event  log  monitoring:  Get 

a  quick  view  of 
server  status, 
prioritized  event 
logs,  disk  space, 
memory,  CPU, 
performance, 
and  more- 
all  without 

having  to  sift  through  a  mountain  of  details.  And  setting  it  all  up 
is  a  snap  with  our  straightforward  user  interface  and  wizards. 


Automated  responses  and  alerts:  Create  automated 
actions  such  as  running  a  program,  rebooting  a  system,  or 
restarting  a 
service— as  well 
as  sending  you 

,  .  ,  ,  Server  Monitor  Software  DONE  RIGHT 

alerts— based  on 

events  or  thresholds  you  define.  Detailed  analysis  reporting: 
Create  detailed  reports  on  event  logs,  performance,  services, 
and  more.  Configurable  trend  analysis:  Create  and  view 
performance  trends,  in  intervals  from  minutes  to  months. 

Easy  on  your  budget:  Pricing  starts  at  $245  per  server,  with 
sliding-scale  volume  discounts.  Free  trial:  Download  a  free 
trial  copy  at  w'ww.sunbelt-software.com/svnww. 

SUNBELT  SOFTWARE 


servervfsion 


Sunbelt  Software  Tel:  1-888-NTUTILS  (688-8457)  or  1-727-562-0101  Fax:1-727-562-5199  www.sunbelt-software.com  sales@sunbelt-software.com 


©  2004  Sunbelt  Software  All  rights  reserved  ServerVision  is  a  trademark  of  Sunbelt  Software.  All  trademarks  used  are  owned  by  their  respective  companies 
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GTA  Firewall  Products 

Tough  Network  Security 


H2A  -  High  Availability 

Gigabit  Ethernet  Support 

NIC  expansions 

Affordable  pricing 

GTA  Experience  -  Building 
Firewalls  for  Over  1 0  Years 


Choose  from  5  Firewall  Appliances  to 
Match  Your  Network  Infrastructure 

Easy,  Flexible  Implementation 

Certified  to  ISCA  4.0  Corporate 
Standards 


IPSecVPN 


Surf  Sentinel®  2.0  -  Content  Filtering 
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A  KVM  switch  allows  single  or  multiple 
workstations  to  have  local  or  remote  access  to 
multiple  computers  located  in. server  rooms  or 
on  the  desktop  regardless  of  their  platforms 
and  operating  systems.  KVM  switches  have 
traditionally  provided  cost  savings  in  reducing 
energy  and  equipment  costs  while  freeing  up 
valuable  real  estate. 

Recognized  as  the  pioneer  of  KVM  switch 
technology,  Rose  Electronics  offers  the 
industry’s  most  comprehensive  range  of 
server  management  products  such  as  KVM 
switches,  extenders  and  remote  access 
solutions.  Rose  Electronics  products  are 
known  for  their  quality,  scalability,  ease  of  use 
and  innovative  technology. 

Rose  Electronics  is  privately  held  with  world- 
headquarters  in  Houston,  Texas  and  sells  its 
products  worldwide  through  a  large  network  of 
Resellers  and  Distributors.  Rose  has 
operations  in  the  United  Kingdom,  Spain, 
Germany,  Benelux,  Singapore  and  Australia. 
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I  KVM  HACK  DRAWER  WITH  KVM  SWITCH  OPTION 


Rose  Eleefcrohics 
10707  Stahcliff.Road 
Houston,  Ttexas  77099 


ROSE  US  +281  933  7673 

ROSE  EUROPE  '  +  44  (0)  1264  850674 
ROSE  ASIA  :.  +65  6324  2322 

ROSE  AUSTRALIA .  +  61 7  3388  1540 


SERVERS  WITHIN  YOUR  REACH 
FROM  ANYWHERE 
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UltraMatrix  Remote 

REMOTE  MULTIPLE  USER 
KVM  MATRIX  SWITCH 
ACCESS  OVER  IP  OR  LOCALLY 

•  Connects  1,000  computers  to  multiple  user  stations 
over  IP  or  locally 

•  High  quality  video  up  to  1280  x  1024 

•  Scaling,  scrolling,  and  auto-size  features 

•  Secure  encrypted  operation  with  login  and  computer 
access  control 

•  Advanced  visual  interface  (AVI) 

•  No  need  to  power  down  servers  to  install 

•  Free  lifetime  upgrade  of  firmware 

•  Available  in  several  models 

•  Easy  to  expand 


SBESS*  ..»««*- 

UltraConsole 

PROFESSIONAL  SINGLE-USER 
KVM  SWITCH  SUPPORTS  UP 
TO  1000  COMPUTERS 

•  Connects  up  to  1000  computers  to  a  KVM  station 

•  Models  for  4,  8,16  computers 

•  Advanced  visual  interface  (AVI) 

•  Compatible  with  Windows,  Linux,  Solaris,  and  other  O/S 

•  Connects  to  PS/2,  Sun,  USB,  or  serial  devices 

•  Converts  RS232  serial  to  VGA  and  PS/2  keyboard 

•  Free  lifetime  upgrade  of  firmware 

•  Security  features  prevent  unauthorized  access 

•  Full  emulation  of  keyboard  and  mouse  functions  for  automatic, 
simultaneous  booting 

•  Easy  to  expand 


800  333  9343 

WWW.ROSE.COM 


ELECTRONICS 


Still  searching  for  that  perfect 


Search  no  more 


Servers 

Ethernet 


■  Syslog 


■  Active  Directory 
and  RADIUS 


With  fifteen  years  of  networking  expertise,  only  Cyclades  can  offer  a  complete 
out-of-band  management  solution  that  connects  your  environment  today  and 
integrates  into  your  data  center  of  tomorrow. 

Call  us  now  and  put  an  end  to  your  search. 


www.cyclades.com/nw 

1.888.cyclades  ■  sales@cyclades.com 

£>2004  Cjdodes  Corporoftoo.  AH  rights  reserved.  AH  other  trademarks  end  product  images  ore  property  of  their  respective  oteners.  Product  mbnnotion  rubier!  to  (lunge  wirhoot  isoIko 


cyclades 


KVM  over  IP 

Up  to  500  ft  (CAT-5)  cabling 
Up  to  1024  servers  per  system 
Integrated  power  management  capability 
Advanced  Security  &  server-based  Authentication 


Cyclades  elevates  today’s  KVM  solutions  with  the 
AlterPath™  KVM/net.  In  direct  response  to  feedback 
from  serving  80%  of  Fortune  100  companies, 
the  AlterPath™  KVM/net  brings  a  unique  set  of 
features  unparalleled  in  the  market  today: 


AlterPath™  KVM/m* 

Enterprise  KVM  Solutions 


try  f'iJt 


Hfcl 


Custom  Management  Levels 

OBSERVER 

•  Decode  over  500  protocols 

•  Long-term  network  trending  &  analysis 

•  Real-time  statistics 

EXPERT  OBSERVER 

•  Wfiat-lf  Modeling  Analysis 

•  Expert  Analysis 

•  Connection  Dynamics 

OBSERVER  SUITE 

•  Complete  SNMP  device  management 

•  Supports  full  RMON1,  RM0N2,  HCRMON 

•  Web  Publishing  Reports 
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Remote  &  Hardware  Options 

REMOTE  NETWORKING  PROBES 

•  Fully  distributed 

•  Monitor  up  to  64  NICs  simultaneously 

•  New  levels  of  problem  solving  collaboration 

GIGABIT  &  WAN  HARDWARE  OPTIONS 

•  Portable  analyzer  systems 

•  Rack-mount  Probes  ready  to  go 

•  Direct,  passive  link  for  independent  views 


US  &  Canada  Toll  free:  (800)  526-5958  •  Fax:  (952)  932-9545  •  UK  &  Europe:  +44  (0)  1959  569880 

•  One  Network  sj/  Complete  Control  Wired  to  Wireless  •  LAN  to  WAN 
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AKE  IT  HAPPEN 


Test-drive  the  new  Observer  9  today  and  see  how  it  immediately 
finds  problems  you  didn’t  know  you  had,  optimizes  network  traffic 
and  provides  insight  for  future  planning.  Call  800-526-5958  for 
a  full  featured  evaluation  or  visit  our  website  at 

www.networkinstruments.com/nine 

introducing  Observer  9  ^ 

•  New  Application  Analysis 

•  Remote  probes  now  provide  multi-interface  and 
multi-session  support 

•  Industry-first  4GB  packet  capture  buffer 

•  Wireless  Site  Survey  Modes 

•  Nanosecond  resolution 

•  Now  over  450  Expert  Events 

•  SNMP,  RMON  and  now  HCRMON  support 


www.networkinstruments.com/nine 

>  2004  Network  Instruments,  LLC.  All  rights  reserved.  Observer,  Network  Instruments  and  the 
Network  Instruments  logo  are  registered  trademarks  of  Network  Instruments,  LLC. 
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superb*  —pc  Magazine 


Publish  Large  Document  Collections 
to  the  Web  or  to  CD/DVD 


♦  over  two  dozen  indexed,  unindexed,  fielded  &  full-text  search  options 

♦  highlights  hits  in  HTML,  XML  &  PDF  while  displaying  embedded 
links,  formatting  &fBHH 

♦  converts  other  file  types  (word  processor,  database,  spreadsheet, 
email,  ZIP,  Unicode,  etc.)  to  HTML  for  display  with  highlighted  hits 


dtSearch  Reviews... 

♦  “The  most  powerful  document  search  tool  on  the  market’ 
—  Wired  Magazine 


PUBLISH 

for  CD/DVDs 
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5Up€fbw— PC  Magazine 


♦  “Intuitive  and  austere  ...  a  superb  search  tool”  — PC  World 

♦  “Blindingly  fast”  —  Computer  Forensics:  Incident  Response 

Essentials 

♦  “A  powerful  arsenal  of  search  tools”  —  The  New  York  Times 

♦  “Covers  all  data  sources  ...  powerful  Web-based  engines” 

—  eWEEK 

♦  “Searches  at  blazing  speeds”  —  Computer  Reseller  News 

Test  Center 


The  Smart  Choice  for 
Text  Retrieval®  since  1991 
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One  Equinox  Way,  Sunrise  FL  33351,  email:  sales@equinox.com  or  for  international  customers  email:  intisales@equinoxcom. 
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D4m  A 
Client 


SSH 

Client 


Unux  Server 
Unix  Server 
Windows  Server  a, 
Router 
Switch  « 


AVWorks 
Software  Client 


Power 

Control 


Relax  and  fix  the  problem  from  virtually  anywhere. 

When  critical  servers  or  network  equipment  malfunction, 
the  Equinox  CCM  console  manager  and  AVWorks® 
management  software  give  you  the  tools  to  securely  and 
quickly  restore  normal  functionality  from  anywhere. 


Extend  your  reach 


Available  in  8,  16 
and  48- ports. 


For  your  free  white  paper  on 
Best  Practices  for  Secure 
Console  Port  Management  visit 

www.equinox.com/ccm4 

For  a  30-day  product  evaluation 
call  1-800-275-3500  ext  247  or 
954-746-9000  ext  247 


CCM  Console  Manager  features: 


■  SSH  v2/Telnet  host 

■  Strong  authentication 

■  Offline  buffering 

■  SUN  break  safe 


■  In/out  of  band  access 

■  Point  and  dick  access 
to  serial  consoles,  KVM 
and  power* 


*  To  be  provided  in  future  upgrade  for  the  48-port  model. 


Stop  juggling  with 
multiple  management  tools 
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#  Keep  IT  simple 


ManageEngine" 

OpManager 

Network,  Systems  and  Application  Management 


Take  control  of  your  network,  systems  and  application 
infrastructure  before  it  controls  you.  OpManager  provides 
integrated  management  for  IT  infrastructure. 

Move  to  integrated  management.  Try  OpManager  today.. 


Available  for  Linux,  Solaris  and  Windows 


www.opmanager.com 


FREE 

30  Day  Trial 
Download 
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How  Do  You 
Distribute 

20,000  Watts  in 
Your  Cabinet? 

Sentry  CDU  Cabinet  Power  Distribution 


High-density  Equipment  Cabient  Power  Distribution- 

84-Outlet  Receptacles  « 

20,000  Watt  3-Phase  Power  Distribution  Model « 

10,000  Watt  208  VAC  Power  Distribution  Model  « 

True  RMS  Power  Monitoring  per  Branch  Circuit  « 
Local:  Digitial  Displays,  Remote:  via  Interface 

Input  Power  Monitoring  Facilitates  Load  Balancing  « . 

Web  Interface  A 

SNMP,  MIB  &  Traps  « 

Integrated  Temperature  &  Humidity  Probes 

Color-coded  Outlets  by  Branch  Circuit/Electrical  « 
Phase  for  Easy  Identification 

Center  Rail  Notch'  for  Simplifying  Cabinet  Installation 


OSecver  Technology,  he  Sentry  «s  a  trademark  of  Server  Technology,  he 


Server 

w  Technology 

Solutions  for  the  Data  Center  Equipment  Cabinet 


!  Power  demands  from 

today's  new  servers  require 
greater  power  distribution 
in  the  equipment  cabinet. 
The  Sentry  CDU  distributes 
power  for  up  to  42  dual¬ 
power  1 U  servers  in  one 
enclosure.  Single-phase  or 
3-phase  input  with  110  VAC, 
208  VAC  or  mixed  110/208 

1VAC  single-phase  outlet 
receptacles. 
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Server  Technoloav.  ki 


Intelligent  Serial 
Internal  Modem 


Internal  33.6  Kbps  Modem 
Secure  Dialback  Feature 
Password  Protection 
Invalid  Access  Lockdown 
Periodic  Modem  “AT”  Refresh 
Seven  RS232  DB-9  Console  Ports 
Any-to-Any  Port  Switching 
Non-Connect  Port  Buffering 
Data  Rate  Conversion  300  to  115K  bps 
AC  and-48  DC  Power  Options 


Port  Switch  with 


The  APS-8M  Asynchronous  Port  Switch  is  a  cost 
effective  Terminal  Server  alternative,  plus  you  get  an  internal  modem 
which  saves  rack  and  cabling  hassles.  Connect  multiple  devices  for  on-site 
and/or  dial-up  remote  communications.  High  data  throughput,  full  modem 
and  data  flow  control  all  add  up  to  make  the  APS-8M  the  perfect  data  switch 
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or  today’s  remote  network  management  applications. 

WWW.Wti.com  (800)  854-7226 
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Celebrating  our  40th 
Year  in  DataCom 


“Keeping  the  Net.. .Working!” 
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Tel:  877-373-2700 
www.ims-4000.com 


Phonetics,  Inc. 
901  Tryens  Road 
Aston,  PA  19014 


BE  NOTIFIED  BEFORE  CRITICAL  EVENTS  TURN  INTO  DISASTER! 


Eight  environment  inputs 
Power  sensing 
Monitors  64  IP  addresses 
Send  alerts  to  64  people 
8  methods  of  contact 
Calendar  scheduling 
Expands  to  256  sensors 
Remote  power  control 
Optional  camera 


The  Sensaphone  IMS-4000  Infrastructure 
Monitoring  System  monitors  critical  environ¬ 
mental  and  network  elements  in  your  server 
room,  data  center,  or  telecomm  installation  and 
reports  to  you  instantly  when  events  threaten 
your  infrastructure.  The  IMS-4000  keeps  watch 
so  you  don't  have  to.  See  these  features  and 
more  on  the  web  at  www.ims-4000.com 


Embedded 

Web 

Server 


Sends 

E-Mail 


Power 

Outage 


Microphone 

for  Sound 
Monitoring 


Sends 

SNMP 

Messages 


Monitors 

64 

IP  addresses 


Control 

Interface 


Ethernet 

Port 


Internal  Voice, 
Modem 
H  Pager  Port 


8  RJ-45  Sensor  Inputs 

(Temperature,  Humidity, 
Water,  Motion,  Power, 
Smoke/Hre) 


SOLUTIONS 


•  Tl/El  &  T3/E3  Modems 

•  RS-232/422/485  Modems  and 
Multiplexers 

•  IBM  3270  Coax,  AS400  Twinax,  and 
RS6000  Modems  and  Multiplexers 

•  LAN  -  Arcnet/Ethernet/Token  Ring 

•  Video/Audio/Hubs/Repeaters 

•  I S  0  -  9  0  0 1 

•  USB  Modem  and  Hub 
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Toll  Free  866-SITech-l 


630-761-3640,  Fax  630-761-3644 
www.sitech-bitdriver.com  or  www.sitechfiber.com 


Luggage,  Fine  Leather  Goods, 
Gifts,  and  more! 

Tumi,  Hartmann,  Andiamo, 
Samsonite,  Cross 
10%  discount  for  Network 
World  readers 
Enter  code  NWW2004 
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IT  Careers:  Leaders  of  Top  Education  Programs  Look  to  Future 


The  leaders  of  the  nation's  top  computer  science/software  engineering 
degree  programs  agree  on  two  things  about  preparing  the  IT  workforce 
of  the  future.  First,  they  need  to  attract  more  people  to  the  technical 
professions.  Second,  the  breadth  and  dexterity  of  what  is  covered  in 
lifelong  learning  continues  to  grow. 

U.S.  News  &  World  Report  rated  Rose-Hultman  Institute  of  Technology,  Cal- 
Poly  (San  Luis  Obispo)  and  The  Cooper  Union  as  the  top  three  institutions 
for  undergraduate  computer  engineering. 

Dr.  George  Campbell,  president  of  The  Cooper  Union  for  Advancement  of 
Science  and  Art  in  New  York  City,  looks  at  the  issue  of  technology 
education  from  two  perspectives  -  in  his  current  role  as  an  academic 
leader  and  his  previous  role  as  CEO  of  NACME,  a  non-profit  devoted  to 
science  and  technology  education  and  policy.  "The  most  significant 
deficiency  we  have  been  unable  to  overcome  is  under-representation  of 
women  and  minorities"  in  technical  studies,  Campbell  says.  "In  the  past  we  have  filled  the 
workforce  needs  by  bringing  technology  workers  into  this  country.  This  is  no  longer 
working.  Other  countries  are  investing  a  greater  proportion  of  their  gross  national  product 
in  the  education  of  their  own  technical  workforce." 

Cooper  Union's  situation  is  highly  unique;  the  institution  has  1,000  students,  100%  of 
whom  are  on  full  tuition  scholarships.  Approximately  32%  of  the  students  are  female.  The 
number  is  higher  than  the  nationwide  average  of  women  in  technology  (23%).  However, 
the  number  of  African-Americans,  Latinos  and  American  Indians  enrolled  in  technology 
courses  nationwide  remains  in  low  double-digit  figures.  Campbell  believes  change  will 
occur  only  through  intervention  at  earlier  ages  to  attract  children  from  inner  city  schools. 

While  demographics  and  numbers  are  critical,  given  that  the  vast  majority  of  higher  paying 
jobs  is  in  the  technology  areas,  so  too  is  the  breadth  of  studies  undertaken.  According  to 
Campbell,  "Most  of  the  technology  advances  that  took  place  in  the  20th 
century  resulted  from  major  breakthroughs  in  physical  sciences  -  quantum  mechanics,  solid 
state  physics,  chemistry  and  so  on,"  Campbell  explains.  "In  the  future,  more  advances  in 


technology  will  be  driven  by  breakthroughs  and  greater  understanding  of 
processes  in  life  sciences — self  replication,  DNA  and  the  like.  I  believe  all 
engineering  majors  should  have  a  course  in  molecular  cell  biology,  just  as 
physics  and  chemistry  are  required  today." 

In  addition  to  major  shifts  in  curriculum  to  include  life  sciences,  Campbell 
says  educational  programs  have  to  avoid  the  trap  of  relying  on 
simulations  alone  to  help  teach.  "You  really  need  to  understand  the  ideas 
to  comprehend  the  technology  that  is  behind  it,"  he  says. 

Dr.  Cary  Laxer,  head  of  the  software  engineering/computer  science 
program  at  Rose-Hultman  Institute  of  Technology,  says  the  breadth  of 
capabilities  required  also  must  be  addressed.  Rose-Hultman  already  has 
added  courses  in  critical  areas  -  networking,  computer  security  and 
cryptography.  "We've  added  a  required  course  in  technical 
communications,"  Laxer  adds,  "to  make  sure  our  graduates  can 
communicate  with  a  variety  of  constituencies."  Laxer  and  his  peers  at  other  U.S.  universities 
continue  to  assess  the  longer  term  future  of  technology  and  adjust  curricula  accordingly. 
Adding  courses  is  just  one  aspect  of  that  change  -  professional  development  for  faculty 
and  equipment  for  students  also  has  to  be  included. 

The  third  critical  aspect  of  IT  education  is  lifelong  learning,  say  Campbell  and  Laxer.  "This 
isn't  just  a  technical  issue,"  stresses  Campbell.  "There  needs  to  be  a  balance  between 
liberal  arts  and  technology  learning  throughout  life.  This  is  so  important  in  understanding 
the  context  in  which  we  do  science  and  engineering  -  the  ethics,  societal  implications  and 
economic  effects.  These  are  the  things  that  separate  professionals  and  visionary  leaders" 
from  others,  Campbell  adds. 

For  more  information  about  IT  Careers  advertising,  please  contact: 

Nancy  Percival,  Vice  President,  Recruitment  Advertising 
800.762.2977 

500  Old  Connecticut  Path,  Framingham,  MA  01701 
Produced  by  Carole  R.  Hedden 


DATABASE  ADMINIS- 
TF3ATOR:  sought  by  IT 
co.  in  Houston,  TX. 
Must  have  degree  & 
exp.  Respond  by 
resume  only:  E. 

Pascual,  President 
T/B#10,  Komputer  + 
Peripherals,  Inc.,  11750 
Wilcrest  Dr.,  Houston, 
TX  77099 


itcareers.com  can  solve  the 
labyrinth  of  job  hunting  by 
matching  the  right  IT  skills 
with  the  right  IT  position. 

Find  out  more  at: 
www.itcareers.com 


IT  PROFESSIONALS 
Senior  Consultant 

(Glen  Mills.  PA  and  other  locations  throughout  the  United  States).  Lead  a 
team  of  Siebel  customization  developers  in  a  Siebel  Application  develop¬ 
ment  environment,  specifically  with  Siebel  Actuate  reporting.  Responsible 
for  the  creation  of  project  plans,  level  of  effort  estimation,  finalizing  scope 
of  the  engagement,  resource  allocation  and  prioritization  of  tasks  of  team 
members.  Responsible  for  liaising  with  business  users  to  discuss  imple¬ 
mentation  options  for  reporting  and  presenting  and  review  the  design  and 
prototypes  of  the  proposed  reporting  solutions.  Responsible  for  the  scop¬ 
ing  and  mapping  of  operational  reporting  requirements  to  Actuate  Siebel 
reports  with  report  parameters/filters.  Design  and  develop  the  latest  ver¬ 
sions  of  Actuate  Siebel  reports,  and  set  up  scheduling  options,  and  user 
groups  for  security  control  utilizing  the  Actuate  Report  Server.  Customize 
Siebel  enterprise  applications  such  as  Siebel  Sales,  Siebel  Call  Center 
and  Siebel  service  utilizing  Siebel  tools  such  as  Siebel  VB/eScript.  Utilize 
Oracle  SQL  capabilities  for  testing  methods  of  data  transfer  and  storage 
in  the  Siebel  Database  and  for  loading  data  via  Siebel  EIM  for  perfor¬ 
mance  testing  activities. 

The  wage  offered  is  $82,000/year.  The  work  schedule  is  Monday-Friday 
9:00am-5:00pm.  The  minimum  requirements  are  as  follows:  Bachelor's 
degree  or  equivalent  in  Computer  Science,  Engineering  (any),  Business 
Administration.  Information  Systems  or  Mathematics  plus  6  years  experi¬ 
ence  in  the  job  offered  or  6  years  experience  as  a  Manager,  Senior 
Consultant,  Consultant,  Associate  Consultant,  or  Senior  Analyst. 
Employer  will  regard  a  foreign  degree  to  be  equivalent  to  a  U.S. 
Bachelor's  degree  as  determined  by  an  accredited  credentials  evaluation 
service.  Related  experience  must  also  include  at  least  2  years  of  Siebel 
Actuate  Reporting,  Siebel  Application  Development  Environment  (Siebel 
Tools)  and  Oracle/SQL. 

Please  send  your  resume,  referencing  Job  Order  Number  WEB  433177 
to  the:  PA  CareerLink,  FLC  Unit,  235  W.  Chelten  Avenue,  Philadelphia,  PA 
19144.  EOE. 


BCC  USA  Inc.  -  Portland, 
Maine  needs  experienced 
Programmer  Analysts  hav¬ 
ing  a  Bachelors  degree  with 
minimum  two  years  of  pro¬ 
gressive  work  experience  in 
Java,  J2EE,  EJB,  JSP, 
Servlets,  JavaScript,  XML, 
XSL,  MVC,  Struts,  Weblogic 
and  Oracle.  Competitive 
salary  and  benefits.  M-F,  40 
hours/week.  Please  mail 
your  resume  to  BCC  USA 
Inc.,  HR  Department,  650 
Main  Street,  Suite  201, 
South  Portland,  ME  04106. 


BCC  USA  Inc.  -  Portland, 
Maine  needs  experienced  Da¬ 
tabase  Administrators  having  a 
Bachelors  degree  with  mini¬ 
mum  two  years  of  progressive 
work  experience  in  design, 
development  and  installation  of 
databases  using  Oracle.  Sy¬ 
base  Developer,  Pro'C,  Perl 
DBI,  Unix,  PL/SQL,  Informati¬ 
cs,  Autosys  and  Erwin.  Com¬ 
petitive  salary  and  benefits.  M- 
F,  40  hours/week.  Please  mail 
your  resume  to  BCC  USA  Inc., 
HR  Department,  650  Main 
Street,  Suite  201,  South 
Portland,  ME  04106. 


Find  out  how  you  can  invest  in  one  of 
Entrepreneur  Magazine's  “HOT  100 
Franchises”,  and  in  a  Franchise  Times 
“FAST  55”  company.  Single,  Multi-Units 
and  Area  Development 
Opportunities  are  now  available. 
For  more  information  call 


Call  America,  Inc. 


or  visit  us  at 

geeksoncall.com 
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Compuware 

At  Compuware,  you  can  put 
your  IT  experience  to  work  while 
constantly  developing  new  skills. 
We  currently  have  the  following 
nationwide  opportunities: 

■  Business  Analysts 

•  Database  Administrators 

•  Network  Administrators 

•  Product  Sales 

•  Product  Management/Support 

•  Programmers/Analysts 

•  Project  Managers 

•  OA  Analysts 

•  Software  Developers/ 
Engineers 

•  System  Engineers 

•  Technical  Writers 

•  Web  Developers 

•  Recruiting  Manager 
www.compuware.com/careers 

Be  sure  to  indicate  the  specific 
title  and  location  you  are  apply¬ 
ing  for  on  your  application  letter. 
Send  your  resume,  referring  to 
ad  #ITC071204,  to: 

Compuware  Corporation, 
Attention:  Recruiting 
One  Campus  Martius 
Detroit,  Ml  48226.  E-mail: 
ads@comouware.com. 

EOE 


Applied  Optoelectronics,  Inc. 
(Sugar  Land,  TX)  is  seeking  a 
Database  Administrator  using 
Oracle9i,  SQL,  SQL  DTS, 
TransactSQL,  Pervasive  7,  VB, 
PL/SQL,  VMS,  Linux,  UNIX 
scripting,  Tivoli,  EMC  environ¬ 
ment,  Erwin,  and  UML, 
Peoplesoft,  SAP  with  Oracle, 
DB2  and  Sybase.  B.S.  3  mon. 
exp.  Send  resume  to  13111  Jess 
Pirtle  Blvd.,  Sugar  Land,  TX 
77478/281-295-1888  (F).  Attn: 
HR  Manager. 

K.T.J.  Imports  and  Exports,  Inc. 
(Houston,  TX)  is  seeking  a  MIS 
Engineer/MIS  Specialist  using 
knowledge  in  business,  OSAS, 
and  SAP  Data  Warehouse  soft¬ 
ware.  B.S.  6  mon.  exp.  Send 
resume  to  6500  Long  Point  Rd., 
#304,  Houston,  TX  77055/713- 
680-31 24(F).  Attn:  Chyryi  Shiau. 
Canspec  Amerasia  Industries, 
Inc.  (Houston,  TX)  is  seeking 
Systems  Programmer.  B.S.  1  yr. 
exp.  using  Microsoft. Net,  ASP, 
VB.Net,  Java,  SQL,  OLAP,  XML, 
GeoFrame,  HRS,  Jason, 
Ergos99,  isis,  Sun  Blade2000, 
Sun  Ultra60,  and  SGI  OCTANE. 
Send  resume  to  8303  S.W. 
Fwy.,  #488,  Houston,  TX 
77074/7 13-771 -8868(F).  Attn: 
Eric. 


Programmer  Analysts  to  analyze, 
design,  develop  and  support  co¬ 
mputer  systems  using  OS  like 
MVS/ESA,  DOSA/SE,  UNIX,  MS 
-WINDOWS,  databases  such  as 
DB2,  VSAM  and  Oracle,  progra¬ 
mming  environments  such  as  C, 
C++,  COBOL,  COBOL  II,  TSO- 
ISPF,  CICS,  JCL  and  tools  in¬ 
cluding  FILEAID,  IDCAMS,  SQL- 
"PLUS  and  PRO*C;  generate 
batch  reports  from  existing  data 
and  debug  for  better  perfor¬ 
mance.  Require  BS  or  foreign 
equivalent  in  CS  or  any  branch  of 
Engineering  or  related  field  with 
2  yrs  exp  in  IT.  High  salary,  f/t 
position.  Travel  involved.  Resu¬ 
mes  to  HR,  Smartsoft  Interna¬ 
tional,  Inc.,  3965  Johns  Creek 
Court,  Suwanee,  GA  30024. 


IT  SPECIALIST  to  plan,  design, 
implement,  maintain  and  admin¬ 
ister  the  company's  information 
infrastructure,  including  hard¬ 
ware  setup  and  maintenance, 
software  installation,  configura¬ 
tion  and  upgrades:  network 
administration  and  troubleshoot¬ 
ing:  implement,  evaluate  and 
maintain  networked  computer 
hardware  to  meet  user  require¬ 
ment:  design,  develop  and  main¬ 
tain  the  company's  website;  pro¬ 
vide  programming,  design  and 
technical  support  for  users  and 
clients.  Require:  Bachelor's  de¬ 
gree  in  Computer  Science/ 
Information  Systems.  Competi¬ 
tive  salary  offered.  Mail  resume 
to  Chief  Manager,  Laiji  Invest¬ 
ors,  LLC,  1351  Dogwood  Dr., 
Conyers.  GA  30012. 


Partner  Manager,  Latin  America: 
Identify  +  initiate  business  rela¬ 
tionships  with  Latin  American 
third  party  vendors  of  software  + 
database  systems.  Manage  rela¬ 
tionships  with  Latin  American 
vendors.  Supervise  Latin  Ameri¬ 
can  sales  channels  +  marketing 
activities.  Requires  Bachelor's  or 
Equiv.  in  Marketing  or  Business 
Admin.,  plus  4  years  exp.  in  posi¬ 
tion  offered  or  4  years  exp.  as 
Marketing  (Manager/Director), 
Computer  Software.  Requires 
frequent  travel  to  Latin  America; 
4  years  experience  with  Software 
sales  +  marketing  in  Latin  Ameri¬ 
can  markets;  Fluency  (spoken  + 
written)  in  Portuguese  +  Spanish 
languages.  Salary  $90,000  per 
year;  Hours:  8:00  a.m.  -  5:00 
p.m.,  40  hours,  Monday-Friday, 
Job  located  in  Miami,  FL.  Send 
resume  to:  Workforce  Program 
Support,  P.O.  Box  10869, 
Tallahassee,  FL  32302-0869, 
Ref:  JOFL#  2533090. 


Sys  Analyst  to  d/zn,  dev,  impl.  & 
maintain  web  enabled  eComm, 
client-server  &  N-tier  appls.  Per¬ 
form  sys  req  study,  sys  analysis. 
Test  Plan  Preparn,  Unit  Testing, 
Sys  Integrn  Testing  &  Doc.  Dev 
appl  using  Java,  Servlet,  JSP, 
J2EE,  EJB,  HTML,  DHTML,  VB¬ 
Script,  JavaScript,  ASP,  VB6.0, 
COM/DCOM,  VC++,  IIS4.0, 

Weblogic  5. 1/6.0,  SQLServer 
6.0,  Visual  Cafe  3.0,  Visual 
Interdev  6.0,  VSS  6.0,  Solaris  7, 
WebSphere  Appl  Server  4.X/5.X, 
MQSeries,  DB2  7.3/8.1,  AIX  3.4, 
Win  2000,  SOAP  1.1,  ANT, 
JUnit,  Websphere  Studio  Appl 
Developer  4.X/5.X,  JProbe, 
PVCS,  Versata  Logic  Ste  5.5  & 
respon  for  lifecycle  of  s/w  projs. 
24X7  tech  supp.  BS  in  CE  +  2  yr 
exp.  Certified  Java  programmer. 
Comp,  salary.  Apply  to  Unilinx  - 
Code  RB,  4625  Alexander  Dr., 
#110,  Alpharetta,  GA  30022  with 
proof  of  perm.  W/k  authzn. 


Infobahn  Technologies  deliv¬ 
ers  innovative  IT  Solutions 
to  business  clients  nation¬ 
wide.  We  have  immediate 
full  time  opportunities  for 
Programmer  Analysts.  All 
applicants  must  have  a  min¬ 
imum  BS  in  Computer 
Science  Engineering  or  Re¬ 
lated  field  plus  2  years  of 
experience.  Send  resumes 
to:  Infobahn  Technologies, 
(HR)  288  Walnut  St.  #410 
Newton,  MA  02460. 


Manager,  IT.  (Rockleigh, 
NJ).  Reqs  4  yrs  exp  IT 
management,  incl  secure 
databases  &  MBA  or  MPA 
w/undergrad  Comp  Sci, 
Math,  or  Elec  Engineering 
major.  Will  also  accept  4 
yrs  exp  &  MBA  w/IT  core. 
Send  resume:  US  Tender, 
8  King  Rd,  Rockleigh,  NJ 
07647  Attn:  HR/IT. 


MPHASIS  CORPORATION 
Has  multiple  openings  for  the 
following  positions  at  its  offices 
in  New  York,  NY,  Memphis,  TN, 
Houston,  TX,  San  Mateo,  CA 
and  unanticipated  client  sites 
throughout  the  U.S.:  Prog¬ 
rammer  Analyst,  Software 
Engineer,  Project  Manager, 
Management  Analyst,  Sales 
Engineer,  Business  Develop¬ 
ment  Manager,  Finance 
Manager.  Please  send  resume, 
salary  history  and  position 
applied  for  to:  460  Park  Avenue 
South,  Suite  #1101,  New  York, 
NY  10016,  Attn:  H.R.  Manager 


Technical  Support  Specialist: 
assign  and  coordinates  work 
projects;  establish  work  priorities 
and  evaluate  cost  and  time 
requirements:  review  and  test 
programs  to  ensure  compliance 
with  specifications  and  stan¬ 
dards;  evaluate  and  test  vendor- 
supplied  software  packages  to 
determine  compatibility  with 
existing  systems;  maintain  com¬ 
pany  network  system  and  web¬ 
site,  process  e-commerce.  Req. 
BS  or  foreign  equivalent  in  CS  or 
IS  w/proficiency  in  SQL,  Intel 
Xeon  &  Itanium  Server  support, 
TCP/IP,  network  HW/SW  instal¬ 
lation,  configuration,  and  trou¬ 
bleshooting.  40hr/wk,  9-5. 
Contact  recruiter  PC  Source, 
Inc.  3004  Adriatic  Court, 
Norcross,  GA  30071. 


Actuate  IT  Technical  Lead,  Wa¬ 
chovia  Securities,  Chicago,  IL. 
Develop,  create  and  modify  com¬ 
puter  appl.  software  using  Actu¬ 
ate  software.  Reqs.  BA  in  Com¬ 
puter  Science  and  4  yrs  exp.  in 
pos.  or  as  Software  Engineer. 
The  4  yrs.  must  incl.  developing 
software  and  web  appl.  solutions 
using  Actuate  software  and  work 
integratingActuate  into  .Net 
appls,  externalizing  security  (w/o 
use  of  LDAP),  developing  usage 
reports  incl.  transient  reports, 
designing  object  oriented  appl.  in 
the  Actuate  framework,  report 
dvlp.,  publ.  tech.  doc.  and  con¬ 
ducting  stress  tests  and  develop¬ 
ing  queries  against  Oracle  and/or 
DB2.  2  yrs.  of  req.exp.  must  incl. 
developing  appls.  using  Micro¬ 
soft's  .Net  framework.  Must  be 
Actuate  certified.  M-F,  8-5,  Send 
resume  to  Geri  Ann  Henderson, 
Wachovia  Corp.,  401  S  Tryon 
Street,  NC  0958,  Charlotte,  NC 
28288-0958.  No  phone  calls. 


Requirements  Analyst  need¬ 
ed  at  client  sites  to  gather 
business  reqmts,  analyze  & 
dvlp  scenarios;  prgm  in 
Siebel,  Java,  JSP,  C++,  SQLI/ 
PLSQL;  test  using  Win- 
Runner,  LoadRunner,  Test 
Director;  UML  modeling  using 
CaliberRM;  data  modeling 
using  SAS,  SPSS;  OO  data 
modeling  &  db  dsgn.  Resume 
to;  Global  Consultants,  Attn: 
Hireme,  25  Airport  Rd., 
Morristown,  NJ  07960. 


Communications  Engineer  - 
Homestead,  FL  -  wanted  by 
telecommunication  &  entertain¬ 
ment  provider.  Monitor  &  trou¬ 
bleshoot  the  uplinking,  downlink¬ 
ing  &  transmissions  of  digital 
voice,  image  &  data  files. 
Monitor  &  troubleshoot  the  inter¬ 
connectivity  of  satellite  to  fiber 
optic/fiber  optic  to  satellite  hard¬ 
ware.  Troubleshoot  reception  & 
amplification  issues  during 
transmissions.  B.S  Electronics  & 
Communications  Eng  or  foreign 
equivalence  &  2  yr  exp.  in  job 
offered.  Fax  resume  to  Satuple, 
Inc.  attn:  Human  Resources  at 
305-247-8011. 


North  East  Fasteners,  Inc.  is 
looking  for  systems  devel¬ 
opers  to  define  and  design 
page  architecture  and  navi¬ 
gation  models;  develop  data 
models  and  databases;  and 
administer  databases.  Must 
have  at  least  bachelors  de¬ 
gree  in  computer  engineer¬ 
ing  or  related  major.  Please 
send  all  resumes  to  North 
East  Fasteners,  Inc.  8 
Tremco  Dr.,  Terryville,  CT 
06786,  attn.:  Human  Re¬ 
source  Department. 


Computer  Support  Specialist 
to  support  computing  infra¬ 
structure  including  servers, 
email,  apps,  network,  dbs  & 
users.  Requires  MS  in  Comp 
Sci  &  min  2  yrs  exp  w/Novell, 
Solaris,  Linux  &  MS  Windows 
systems,  LAN/WAN  network¬ 
ing,  web  server  &  SQL  server; 
familiarity  w/Visual  Basic, 
Oracle,  .Net,  XML  &  ASP 
required.  Send  resume  to 
Human  Resources,  Sunrise 
Global  Inc.,  4000  Bordentown 
Ave.,  Sayreville,  NJ  08872,  or 
fax  to  732-651-9998. 


Software  QA  Eng  IV,  Team 
Leader  -  Est.  overall  test  auto¬ 
mation  direction  for  one  or  mult, 
product  lines,  automate  func¬ 
tional  &  scalability  test  scenar¬ 
ios.  Review  project  req's,  tech, 
documentation,  define  project 
test  strategy.  Review  &  define 
test  case  docs.  Track  defects  & 
approve  project  release.  Train/ 
supervise  junior  team  members. 
REQ:  BA/BS  CIS/IT/Eng,  8  yrs 
as  SQAE,  5  yrs  test  automation 
exp,  3  yrs  DB  testing  exp,  3  yrs 
automated  performance  &  seal- 
ability  testing  w/  comm'l  perf  test 
tool,  project  mgmt  exp.  2  pos 
avail.  Resume:  m013_04@ 
onesource.com.  OneSource  is 
an  Equal  Oppty  Employer. 


Software  Engineer 

Seeking  individual  with  experi¬ 
ence  working  with  application 
servers  (ATG  Dynamo  4.1/  5.1), 
operating  systems  (Windows 
NT,  Sun  Solaris,  UNIX,  Net¬ 
ware),  programming  languages 
(Visual  Basic,  JAVA,  ASP, 
COBOL,  C),  software  configura¬ 
tion  tools  (Rational  ClearCase 
3.2.1),  and  effective  communi¬ 
cation  skills.  Must  have  BS,  5 
years  experience  as  software 
engineer,  Sun  Certified  Java 
Programmer,  and  significant 
experience  programming.  Sal¬ 
ary  $55,000.  Send  resume  and 
cover  letter  outlining  minimum 
qualifications  to  Provion,  1501 
Commerce  Ave.,  Carlisle,  PA 
17013. 


Computers  -  Development  Man¬ 
agers  needed.  Seeking  qual. 
candidates  possessing  MS  or 
equiv.  and/or  rel.  work  exp.  Part 
of  the  req.  rel.  exp.  must  include 
3  yrs.  working  with  Java.  Duties 
include:  Design,  develop  & 
implement  software  systems  & 
applications;  Monitor  &  coordi¬ 
nate  software  systems  using 
development  &  integration.  Fwd. 
resume  &  ref.  to:  Globecom 
Software,  Attn:  HR,  1702  N. 
Fairmount  St.  #101,  Wichita,  KS 
67208. 


Cigniti  has  openings  for  System 
Analysts  or  Software  Engineers. 
Candidates  must  have  BS/MS 
with  experience.  Use  skills  such 
as  Java,  Cobol,  EJB,  ERP, 
Oracle,  SQL.  VB.  C/C++.  Travel 
may  be  required  for  some  jobs. 
Competitive  salary.  Please  apply 
at  info@cianiti.com.  No  calls. 
EOE. 

IT  specialists  wanted  by  AR- 
WANO,  Inc.  for  positions  using 
Oracle,  SQL,  VB,  C/C++,  SAP, 
AS/400.  RPGLE,  COBOL/  400, 
CL,  SQL/400,  Query/400,  Or¬ 
acle  RDBMS,  Developer  2000, 
Windows  NT.  Minimum  is  BS 
degree  with  IT  exp.  Travel 
maybe  required.  Please  apply  at 
waseem@arwano.com.  EOE. 


Applications  Engineer 
required  by  Hayward,  CA, 
based  chain  of  shoe  retail¬ 
ers.  Requires  Bachelor's 
degree  in  any  engineering 
field.  Must  be  knowledge¬ 
able  in  code  development, 
Java  1.2  and  2.0,  and  Java 
with  Oracle  databases  for 
web  based  projects.  Send 
resume  to  Rosa  Rahemi, 
VP  of  Finance,  Sheikh 
Shoes,  2247  Commerce 
Place,  Hayward,  CA  94545. 
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Welcome  to  IT  Careers 
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SURVEY 


find  a  job  !  employers  1  features  &  tips 

find  a  job 

The  IT  Careers  Network  uses  the  power  of  The  Wall 
Street  Journal's  CareerJaurnal  jobs  daiabase  to  bring 
you  the  laigesl  concentration  of  IT  jobs  available.  Get 
e-mail  notifications  when  new  jobs  malch  your 
search  critena  Post  an  online  resume  and  more 

•  sea'ch  jobs 

•  create  a  Job  Alert 

•  edit  a  Job  Alert 

•  post  a  resume 

•  edit  your  resume 


post  a  job 

Finding  the  nght  IT  professionals  to  fill  your  available 
positions  can  be  a  challenging  and  tima-consuming 
effort.  IT  Careers  can  help,  With  the  2,2  million 
unique  visitors  each  month,  the  online  services  that 
are  available  through  IT  Careers  is  a  smart  way  to 
deliver  and  job  posting 

•  post  jobs 

•  seaich  resumes 

•  become  a  Featured  Employer 

•  online  opportunities 


features  &  tips 

Gather  the  best  (T  career-related  information, 
features,  news  and  tips  from  some  of  the  best 
sources  in  the  industry  They  bring  readers  regular 
items  such  as  opinions  and  advice  from  industry 
experts,  special  packages  and  supplements  on 
career  trends,  salanes,  contracting,  hmng  and 
retention  issues 
•  Computeiworld 


Swbmui. 


advertiser  tools 


Looking  for  a 
new  IT  career? 

Explore  our 
huge  Jobs 
database 
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careers 
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www.  itcar  eer  s .  com 


is  the  place  where  your 
fellow  readers  are  getting  a 
jump  on  even  more  of  the 
world's  best  jobs. 

Now  combined  with 
CareerJournal.com,  you  have 
more  jobs  to  choose  from. 

www.itcareers.com 


Computerworld  •  InfoWorld  •  Network  World  •  July  12,  2004 


NW071204E/W/MW  2 


it  careers.com 


itca  reers.com 


can  solve  the 


labyrinth  of 


job  hunting  by 


matching  the 


right  IT  skills 


with  the  right 


IT  position. 


Find  out  more 


at: 


www.itcareers.com 


Systems  Analyst 

Develops  8  implements  systems 
for  variety  of  industries.  Must 
have  Bach,  in  comp.  sci.  or  eng. 
plus  two  yrs.  prof.  exp.  in  senior 
Supply  chain  planning,  logistics 
8  business  process  transforma¬ 
tion  w /  Manugistics  Advanced 
Planning  8  Scheduling,  SAP  R3, 
OracleS  rel.  lang.  8  tools.  Perl, 
SQL  Loader  8  Web  Intel.  Fre¬ 
quent  travel  8  relocation. 
$67,000/yr.,  F/T,  hrs  vary.  Send 
resumes  to  Pgh/Alleg.  Cty. 
Careerlink  Attn:  CL  Program- 
Super.,  425  6th  Ave.,  Ste. 
2200, Pgh,  PA  15219-1837.  Ref. 
Job  Order  #  WEB  433084. 


Sr.  QA/Testing  Analyst  needed 
in  Wichita  to  perform  8  lead 
team  for  complex  testing  on 
complex  projects  using  Soft- 
brands  S/ware  Products 
Portfolio,  Internet  based  prod¬ 
ucts,  RIO,  Leisure  Mgmt, 
Landmark,  IGS  Worldwide, 
Medallion  8  Mercury  WinRunner 
in  Hospitality  domain;  assist 
w/installation  problems,  plan  8 
implmt  automated  testing; 
research  8  dvlp  mktg  reqmts. 
Resume  to:  SoftBrands 

Hospitality,  Two  Meridian 
Crossings  #800,  Minneapolis, 
MN  55423. 


Systems  Administrator  (with 
Bachelors  degree  and  5  years 
experience)  -  Columbus,  OH. 
Job  entails  and  requires  experi¬ 
ence  in  configuration  and  main¬ 
tenance  of  systems  using 
Veritas  Backup,  Windows  Active 
Directory,  Sun  Solaris  and  Citrix 
Metaframe  and  Exchange 
Server.  Develop  Systems  using 
P3,  Expedition  and  Kana. 
Relocation  within  USA  Possible. 
Attractive  compensation  pack¬ 
age.  Send  resume  to  Priya 
Venkat,  Technology  Software 
Inc.,  1515  Bethel  Rd.,  Suite  304, 
Columbus,  OH  43220. 


Computer  Professional  (Multiple 
Openings)  -  W/exp  in  one  or 
more  of  the  following  skills:  Cl 
C++,  JAVA,  Power  Builder,  Vi¬ 
sual  Basic,  Oracle,  Developer 
2000,  Sybase,  Windows,  Unix 
Admin,  People  Soft,  SOI  Server, 
SAP,  Oracle  Applications,  Cobol, 
Db2,  AS/400,  ASP,  .net. 

Lucrative  compensation  Please 
E-mail  your  Resumes  to  the  fol¬ 
lowing  address: 

RESUMES@COMDATAUS.COM 

Attn.  HR  Department 
Comdata  Consulting,  Inc. 

2775  Algonquin  Rd 
Suite  #  240 

Rolling  Meadows,  IL-60008 
VISIT  WWW.COMDATAUS.COM 
For  More  Details 


BlazeTech  Corp.  is  hiring 
Senior  Engineers.  Design 
/Develop/maintain  engg 
computational  models  & 
software  applications,  de¬ 
velop  interfaces,  maintain 
web  infrastructure/content 
and  RDBMS.  Send  res¬ 
umes  to  BlazeTech,  24 
Thorndike  Street,  Cam¬ 
bridge,  MA  02141.  Appli¬ 
cants  must  meet  educa¬ 
tional  and  work  experi¬ 
ence  requirements. 


Systems  Analyst  needed  at 
client  sites  to  dsgn.  dvlp,  implmt 
Web  based  applies  using  current 
technology  incl  Oracle  Finan¬ 
cials  11  i  (PO,  AP,  GL,  AR,  FA. 
INV,  HR,  Application  Object 
Libraries  8  System  Admin¬ 
istration),  Oracle  9i/9iAS,  Oracle 
Web  Application  Server,  PLSQL 
Cartridges,  Oracle  Forms 
6i/Reports  6i,  Dvlpr  2000,  Dsgnr 
2000,  SQL/PLSQL  Prgmg,  UNIX 
Shell  Prgmg,  Pro'C,  SQL 
Loader,  SABLIME,  HTML  8 
Javascript.  Resume  to:  Dolphin 
Solutions,  9567  Westover  Club 
Cir,  Windmere,  FL  34786. 


Sr  Programmer  Analyst.  Prog¬ 
ram  8  design  s/ware  compo¬ 
nents  using  Visual  C++,  Visual 
Basic,  Visual  SourceSafe,  DB2, 
SQL,  IIS,  ADO,  ODBC,  ASP, 
SNA  Server,  ATL,  Visual  Studio, 
C++,  COMTI,  N_tier,  Laureate, 
DCOM,  and  MTS.  Bachelor,  or 
equiv,  in  CS,  Eng'g,  Business,  or 
similar,  req'd,  as  is  2  yrs  of  exp 
in  job  ofFd  or  a  systems  analy¬ 
sis  position.  Mail  resumes  to  J. 
Cuniffe,  Job  #1915.23,  Sallie 
Mae,  Inc.,  11100  USA  Parkway, 
Fishers,  IN  46238. 


SYSTEMS  ANALYST/PRO¬ 
GRAMMER  -  (LA)  to  design, 
plan  8  implement  complex  app’s 
in  ERP  systems,  incl'g  SAP; 
modify,  code  8  test  new 
enhanced  systems  8  programs 
utilizing  ABAP/4,  SAP  Script  8 
Java  programming  languages, 
using  Oracle  db,  dialog  pro¬ 
gramming,  SAP  objects,  config 
of  SAP  modules,  etc.,  8  evalu¬ 
ate  business  requests  for 
new/reengineering  appl's  for 
current  8  future  business  needs; 
35  hrs/wk.  Must  have  bach's  in 
comp  sci,  MIS,  Elec  Engrg  or 
Mech  Engrg  8  2  yrs  exp.  in  job. 
Contact  AIG  SunAmerica,  Attn: 
Pro.  Staffing  Mgr.,  1999  Ave  of 
the  Stars,  Century  City,  CA 
90067  8  quote  #12586 


Sr.  Quality  Eng.  wanted 
by  company  engaged  in 
graphics  and  multimedia 
technology  design,  manu¬ 
facturing  and  marketing. 
Requires  Bach,  in  CS  or 
EE  plus  5  yrs  exp.  includ¬ 
ing  audio/video  software. 
Reply  to  ATI  Research, 
Inc.  H.R.  Dept.,  Attn:  K.B., 
62  Forest  Street,  Marl¬ 
borough,  MA  01752. 


Software  Engineer  to  work 
on  eGovernment  and 
eCommerce  software  solu¬ 
tions.  Analyze  business  & 
technical  needs  to  develop 
customized  programs  and 
perform  related  duties. 
Bachelor's  degree  and  2  yrs 
related  experience  req¬ 
uired.  Send  resume  to 
Periscope  Holdings,  Inc., 
319  Congress  Avenue, 
Suite  200,  Austin,  TX 
78701 . 


SOFTWARE  ENGINEER 

PCTEL  Inc.  a  global  leader  in 
simplifying  mobility  seeks  an 
experienced  Software  Engineer 
to  research  and  analyze  highly 
sophisticated  applications  for 
business  users.  Selected  candi¬ 
date  will  be  responsible  for  all 
phases  of  software  development 
including  architecture,  design, 
development,  testing  and  de¬ 
bugging  state-of-the-art  soft¬ 
ware  applications.  As  a  member 
of  a  development  team  you  will 
develop  a  multi-protocol  inter¬ 
face  for  IP  networks,  using 
C/C++,  JAVA,  Linux  (Unix). 
SQL,  SNMP,  TC/IP  and  wireless 
LAN's  protocol.  Duties  involve 
both  changes  to  existing  soft¬ 
ware  and  the  creation  of  new 
software  applications.  Will  be 
responsible  for  formulating  a 
plan  outlining  the  steps  to  devel¬ 
op  programs  using  structural 
analysis  and  design  techniques, 
and  preparing  flow-charts  and 
diagrams  to  illustrate  the 
sequence  steps  a  program  must 
follow  and  describe  the  logical 
operation  involved.  Requires 
Bachelor  of  Science  in  Comput¬ 
er  Science  or  its  equivalent  plus 
a  minimum  of  two  years  direct 
experience  in  the  job  offered. 
Position  also  requires  travel  to 
Eastern  Europe  approx.  20%  of 
the  year.  Candidate  must  be 
legally  eligible  to  work  in  the 
United  States  for  any  employer. 
Send  your  resume  directly  to: 
jobs@pctel.com  Please  include 
Job  code  407  Software  Engineer 
in  the  subject  line.  Or  mail  direct¬ 
ly  to:  HR  Dept.,  PCTEL,  Inc. 
8725  W.  Higgins  Rd.  Suite  400, 
Chicago,  II  60631.  PCTEL  Inc.  is 
an  equal  opportunity  employer. 


Computer/Info  Systems 

Information  Systems 
Professionals 

To  participate  in  analysis,  prob¬ 
lem  solving,  project  design  and 
technical  implementation  for 
major  products.  Participate  in 
the  timely  and  high  quality 
delivery  of  product;  implemen¬ 
tation,  integration,  design,  cod¬ 
ing,  testing  and  documentation 
of  custom  application  software; 
evaluate  user  requirements 
and  consult  with  design  team 
to  identify  current  procedures 
and  needs;  support  and  train 
end-users.  Technologies/  Plat¬ 
forms  used  include  UNIX, 
Windows  NT,  SQL  Server,  or 
Oracle  using  SQL,  C/C++, 
Visual  Basic,  Java,  Cobol  and 
other  appropriate  program¬ 
ming  languages  in  Client/ 
Server,  Network  and  Main¬ 
frame  environments.  Must 
have  a  Bachelors  degree,  or  its 
equivalent.  We  are  hiring  at  all 
experience  levels.  Please  send 
resume  to:  Human  Resources, 
Knightsbridge  Solutions,  500 
W.  Madison  Ave.,  Suite  3100, 
Chicago,  IL  60661  or 
recruiting@knightsbridge.com. 
EOE 


Technical  Marketing  Managers 
for  company's  IT  products  8  ser¬ 
vices.  Responsible  for  technical 
sales  8  marketing  of  custom  IT 
solutions  to  clients  in  the  bank¬ 
ing  8  financial  services  indus¬ 
tries.  Determine  customer  IT 
requirements  and  develop  tai¬ 
lored  sales  8  marketing  presen¬ 
tations.  Bachelor's  degree  in 
computer  science,  engineering 
or  a  related  field,  plus  3  years 
experience  in  marketing  of  IT 
software  products  8  services. 
Up  to  1  year  experience  may  be 
satisfied  with  master's  degree  in 
marketing,  management  or 
finance.  Send  resume  and 
salary  requirements  to  i-flex 
solutions  inc.,  99  Park  Avenue, 
15th  FI.,  New  York,  NY  10016, 
attn:  HR  Manager.  All  respons¬ 
es  must  include  job  code 
BOS604. 


IT  PROFESSIONALS 
Manager 

(Glen  Mills.  Pennsylvania  and  other  locations  through  the  US.).  Will  over¬ 
see  consulting  engagements  for  major  corporate  clients  Will  meet  with 
client  management  to  assess  strategic  planning  and  business  operational 
requirements  in  order  to  determine  engagement  scope,  staffing,  and  bud 
get.  Will  review  engagement  plans  with  assigned  professional  staff  and 
oversee  analysis  of  client  global  supply  chain  and  operations  including 
supply  chain  strategy;  new  product  development  process  for  Collabora¬ 
tive  Product  Commerce  (CPC)  such  as  PTC  Windchill,  8  Agile  Software 
implementation;  logistics  operations  for  Transportation/Warehouse  Man¬ 
agement  Systems  (TMS/WMS)  implementation  and  operations  excel¬ 
lence  for  Enterprise  Resource  Planning  (ERP)  such  as  Oracle.  SAP  and 
MFG/PRO  implementation.  Will  review  analyses  by  professional 
Consultants  and  Business  Analysts  regarding  industry  and  client  specific 
data  to  formulate  recommendations  on  operational  issues.  Will  supervise 
the  implementation  of  operational  and  system  modifications  by  client  cor¬ 
porations.  The  wage  offered  is  $100,895  per  year.  The  work  schedule  is 
Monday-Friday.  9:00  am  to  5:00  pm.  The  minimum  requirements  are  as 
follows:  Bachelor's  degree  or  equivalent  in  Computer  Science,  Math. 
Engineering  (any),  Information  Systems  or  Business  Administration  +  5 
years  of  experience  in  the  job  offered  or  5  years  of  experience  as  a 
Consultant,  Technology  Manager.  Senior  Engineer.  Principal  Product 
Designer.  Related  experience  must  include  at  least  six  months  of 
Transportation/Warehouse  Management  Systems  (TMS/WMS)  and 
Enterprise  Resource  Planning  (ERP)  and  Collaborative  Product 
Commerce  (CPC). 

Please  send  your  resume,  referencing  Job  Order  Number  WEB433066  to 
the:  PA  Careerlink,  FLC  Unit,  235  W.  Chelten  Avenue,  Philadelphia.  PA 
19144.  EOE. 


IT  PROFESSIONALS 
Consultant 

(Glen  Mills.  Pennsylvania  and  other  locations  through  the  U.S.).  Analyze 
client  business  requirements  and  perform  business  and  technical  com¬ 
parisons  to  decide  implementation  approaches.  Frame  functional  design 
and  technical  designs  for  implementation.  Coordinate  client  meetings  to 
bring  about  resolution  on  issues  and  clarity  in  communication.  Implement 
Siebel  as  the  Customer  Relationship  Management  (CRM)  package,  and 
integrate  Siebel  with  multiple  client  boundary  systems  through  Siebel 
Enterprise  Application  Integration  (EAI)  Layer.  Develop  interfaces  with  cli¬ 
ent  middleware  (Information  Highway),  and  test  transactions  end-to-end 
with  the  boundary  systems  to  successfully  deploy  and  support  the  imple¬ 
mentation.  Perform  Web  Development.  Perform  software  testing  using 
industry-standard  software  tools  such  as  Mercury  Interactive  Testing 
Suite.  Perform  database  tuning  of  client  systems  including  Oracle  8. 

WAGE:  $54, 000/year 

Hours  worked:  Monday-Friday  9:00am-5:00pm 
MINIMUM  REQUIREMENTS: 

Bachelor's  degree  or  equivalent  in  Computer  Science,  Engineering  (any 
type),  Math,  Business  Administration  or  Information  Systems  +  one  and  a 
half  years  exp.  in  the  job  offered  or  one  and  a  half  years  exp.  as  a 
Systems  Analyst,  Consultant,  or  Programmer,  Related  experience  must 
include  at  least  one  year  of  Web  Development,  Customer  Relationship 
Management/Siebel  (CRM),  Enterprise  Application  Integration  (EAI), 
Oracle  Databases  (including  Oracle  8),  and  Mercury  Interactive  Testing 
Suite.  Employer  will  regard  a  foreign  degree  to  be  equivalent  to  a  U  S. 
Bachelor's  degree  as  determined  by  an  accredited  credentials  evaluation 
service. 

Please  send  your  resume,  referencing  Job  Order  Number  WEB433154  to 
the:  PA  Careerlink,  FLC  Unit,  235  W  Chelten  Ave.,  Philadelphia,  PA 
19144.  EOE. 


Systems  Analyst/Programmer  3, 
Wachovia  Corp.,  Charlotte,  NC, 
Design,  code,  test  client/server 
and  web  business  sols.  Reqs. 
BA  in  Elect,  and  Comm,  or 
Comp.  Science  and  2  yrs  exp.  in 
pos.  or  as  Software  Eng.  or  IT 
Consultant.  The  2  yrs.  must  incl. 
full  lifecycle  new  appl.  Dvlp.; 
conversion  of  specs,  into  code, 
testing/  prep,  of  code  for  prod.; 
debugging  and  correcting  exist¬ 
ing  code;  working  with  Sybase 
(or  similar)  in  a  Unix  environ, 
incl.  writing  stored  procedures, 
triggers  and  debugging  data¬ 
base  code;  MS  SQL  Server; 
Oracle;  PowerBuilder;  MS  Visu¬ 
al  Studio.NET;  or  similar  soft¬ 
ware  programming.  M-F,  8-5, 
Send  resume  to  Meredith 
Elberson,  Wachovia  Corp.,  401 
S.  Tryon  Street,  NC  0958, 
Charlotte.  NC  28288-0475.  No 
phone  calls. 


Systems  Analyst  sought  by  large 
employer  in  Electronic  Print 
Services  Industry.  Reqs  BS  in 
CS  or  MIS.  Min  2  yrs  prgmg  exp 
using  HTML,  JavaScript,  VB, 
ASP,  VB  Script  8  SQL  Server.  2 
yrs  exp  using  s/ware  pkgs  such 
as  CDP  Visual  Knowledge 
Manager  8  Visual  Studio.  Knowl 
of  print  data  files  such  as  AFP, 
DJDE  a  METACODE  reqd. 
Presentation,  Documentation  8 
Training  skills  reqd.  Working 
knowl  of  Win  NT,  2000  operating 
systems.  Knowl  of:  XML,  DCOM. 
MTS,  FOP  PDF,  MS  IIS,  SMTP  8 
JRun  reqd.  M-F  8-5.  Responses 
to  Scott  Erickson,  HR  Mgr. 
Moore  Wallace,  Business 
Communication  Svcs,  630  W. 
1000  North,  Logan,  UT  84321. 


Computer  Systems  Analyst  to 
conduct  software  application 
development  using  ASP,  .NET. 
and  Java  technologies,  and 
Cognos  Imppromptu/Power- 
Play;  software  application  sup¬ 
port  and  troubleshooting  both  for 
Hardware  and  Software;  server 
configuration  and  installation  of 
servers;  getting  data  out  of 
Legacy  Systems  and  putting 
them  in  Relational  database  as 
well  as  analyzing  and  trending 
the  data.  Requires:  minimum  of 
Bachelor's  degree  in  Computer 
Science  or  related  field  and  36 
months  of  working  experience. 
Prior  working  experience  with 
Cognos  Impromptu/PowerPlay, 
Business  Case  Development, 
ASP,  .NET,  and  Java  technolo¬ 
gies  and  strong  background  in 
Oracle  and  SQL  Server,  3-D 
Data  modeling  (CUBES)  is  pre¬ 
ferred.  Some  holiday  on-call 
required.  Please  send  resumes 
to  Chris  Jircitano.  Vanderbilt 
University  Medical  Center, 
Informatics  Center.  B706  The 
Vanderbilt  Clinic,  1301  22nd 
Avenue  North,  Nashville,  TN 
37232-5655. 


Sage  IT  is  looking  for  IT  profes¬ 
sionals  to  develop  applications 
using  Cognos  Impromptu,  Pow- 
erPlay,  ReportNet,  SQL,  Oracle. 
Tera  data  (NCR),  Sybase.  Es- 
base.  DB2,  Red  Bncks,  Informa- 
tica,  Data  Stage,  Ab  Initio,  Web 
Logic/Sphere,  JSP,  ASP.  Min. 
BS  w /  exp.  Please  contact 
info@saoeitinc.com.  EOE 

Digital  has  long  term  position  for 
EDI/System  Analyst  and  DBA  to 
implement  e-commerce  Gate¬ 
way  modules  in  Oracle  applica- 
t(on  ii;  perform  end-to-end  EDI 
implementation  (mapping,  scrip¬ 
ting);  create  database  on  SQL; 
use  VB.  Java,  ERP  tools.  Please 

EOE.  a'  contact<5>dc,i'us  com 
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OCTOBER  4  -  6,  2004  I  BACARA  RESORT  &  SPA  I  SANTA  BARBARA,  CALIFORNIA 


Vortex  1 2004 

SETTING  THE  IT  AGENDA 

Executive  Producers 


GEOFFREY  MOORE 

Managing  Director 
TCG  Advisors  LLC 

Acclaimed  author  of  Crossing  the 
Chasm  and  Inside  the  Tornado 


JOHN  GALLANT 

President  &  Editorial  Director 
Network  World 


VORTEX  2004:  SETTING  THE  IT  AGENDA  is  an  interactive  experience  showcasing  a  diversity  of  informed 
opinion  and  fresh  insights  on  the  future  of  the  nearly  $1  trillion  enterprise  IT  market.  VORTEX  is  an  immersive 
dialogue  among  chief  executives,  chief  information  officers,  leading  analysts  and  investors  on  issues  including: 

■  What  shape  will  the  post-client/server  IT  world  take? 

■  How  are  leading  vendors  like  IBM,  Microsoft,  Oracle,  SAP,  EMC,  HP,  Cisco,  and  others  positioning 
themselves  for  market  dominance  and  what  opportunities  are  created  for  innovators? 

■  Are  vendors  and  IT  executives  in  sync  on  key  issues  and  directions? 

■  How  can  early  adopters  create  competitive  advantage? 

Through  a  series  of  frank  one-on-one  interviews,  engaging  Q&A’s  and  spirited  panel  discussions,  John  Gallant  and 
Geoffrey  Moore  will  analyze  diverging  vendor  strategies  and  compare  their  visions  with  the  current  needs  of  IT. 
All  to  help  you  determine  what  you  need  to  design  and  buy  for  your  enterprise  to  prosper. 


For  more  information  and  to  register,  visit  www.vortex.net/V4A2S  or  call  800-643-4668 


SOME  OF  THE  SPEAKERS  YOU'LL  HEAR  FROM  AT  VORTEX  2004  INCLUDE: 


Shai  Agassi  Member  of  the  Executive  Board,  SAP  AG  ■  Jeffrey  Blumenfeld  Partner,  Antitrust  and  Intellectual  Property,  Crowell  &  Moring  LLP  ■  Howard 
Elias  EVP,  Corporate  Marketing  &  Office  of  Technology,  EMC  Corporation  ■  John  Gantz  5VP  &  Chief  Research  Officer,  IDC  ■  Umang  Gupta  f  Chairman  & 
CEO,  Keynote  Systems  ■  John  Hagel  Management  Consultant  &  Author  ■  Donald  A.  Haile  CIO,  Fidelity  Investments  Systems  Company  ■  Sam  Jadallah 
General  Partner,  Mohr  Davidow  Ventures  •  Mitchell  Kertzman  Partner,  Hummer  Winblad  Venture  Partners  •  David  Kirkpatrick  Senior  Editor,  Internet  & 
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How  GM  saved  a  billion  dollars 


General  Motors'  IT  group  has  undergone  a  thorough  transformation  in  the  last  eight  years,  one 
that  has  seen  the  company  knock  more  than  a  billion  dollars  off  its  annual  IT  budget  of  $4  bil¬ 
lion.  Tony  Scott  has  helped  drive  that  change  over  the  last  five  years  as  CTO  for  GM’s  Information 
Systems  &  Services  organization.  He  reveals  that  behind  the  savings  is  a  massive  effort  to  consoli¬ 
date  —  going  from  7,000  legacy  systems  in  1996  to  fewer  than  3,000  today  —  and  ideally  he'd 
like  to  get  that  number  down  to  about  1,000.  The  backdrop  for  all  this  is  GM’s  unique  100%  out¬ 
sourcing  arrangement,  which  both  helps  and  hurts.  Network  World’s  Jeff  Caruso  sat  down  with 
Scott  to  talk  about  how  the  transformation  is  going. 


How  long  have  you  been  100%  outsourced? 

Literally  since  we  bought  Electronic  Data  Systems  in  the 
mid-’80s.  GM  bought  EDS  with  the  notion  of  EDS  becom¬ 
ing  not  only  the  internal  IT  department  for  GM  but  also 
continuing  its  business  on  the  outside.  In  ’96  we  spun  EDS 
off  as  a  separate  company  but  entered  into  this  10-year 
master  services  agreement,  which  essentially  makes  EDS 
our  primary  outsourcer  but  allows  us  under  some  com¬ 
plex  rules  to  compete  and  bring  in  competition. 

Do  you  have  a  lot  of  competing  outsourcers? 

We  do, yeah.  After  this  seven-  or  eight-year  period  we 
have  brought  in  a  significant  number  of  competitors,  but 
EDS  is  still  the  dominant  player. 

Then  you  probably  don't  have  a  lot  of  the  fears  that  other  IT  peo¬ 
ple  might  have  in  terms  of  outsourcing  part  of  their  business, 
losing  that  control. 

Actually  it’s  been  the  opposite.  When  we  spun  EDS  back 
out,  it  was,  what  info  about  GM’s  information  systems  do 
we  need  to  know,  and  how  do  we  regain  that  knowledge 
from  this  100%  outsourcer  that  we  started  in  ’96?  So  it’s 
almost  a  flip  of  the  question. 

Are  there  some  things  that  you  would  prefer  to  have  more  con¬ 
trol  over,  or  are  there  things  that  you  miss? 

It’s  a  difficult  question.  1  worked  in  a  lot  of  different  IT 
departments,  never  one  100%  outsourced  before.  For  a 
company  of  GM’s  size  and  scale,  the  outsource  model 
absolutely  works.  We  don’t  even  think  about  reverting  to  a 
different  model. 

There  are  some  things  1  do  miss.  We  do  everything  by 
contract, so  one  of  the  effects  of  this  model  is  that  in 
some  cases  your  opportunity  to  make  changes  is  coin¬ 
cident  with  your  opportunity  to  change  the  contract. 

On  the  good  side,  that  creates  a  cadence  of  change  and 
a  cadence  of  opportunities  that  lets  you  constantly  re¬ 
evaluate  the  technology  and  the  suppliers  and  so  on. 
On  the  flip  side,  if  you  want  to  do  something  mid-cycle, 
sometimes  it  can  be  more  difficult.  But  net-net,  it’s  an 
advantage. 

What's  your  take  on  offshore  outsourcing,  a  very  controversial 

topic? 

It’s  a  difficult  question  for  me  to  answer  given  the  global 
nature  of  what  we  do  —  when  you  sell  cars  and  have 
plants  in  as  many  places  as  we  do  and  therefore  the  IT 
operations  in  those  countries.  ...Secondly  we ’re  100%  out¬ 
sourced,  so  we  have  EDS  or  IBM  or  HP  or  AT&T  provide 
all  of  our  serv  ices.  We  have  less  than  2,000  IT  people  that 
are  GM  employees.  So  they’re  not  replaced  by  anybody, 


either  offshore  or  outsourced.  But  they  work  in  Singapore; 
Russelsheim,  Germany;  Maidenhead,  England;  and 
Sydney  and  all  kinds  of  different  places.  It’s  a  global,  inter¬ 
national  company  and  then  we  use  suppliers  that  provide 
support  and  have  presence  in  all  of  those  places  that  we 
do  business.  So  I  just  don’t  think  GM  is  in  the  model  that  a 
lot  of  other  companies  are  in  that  regard. 

I  know  GM  is  pursuing  Web  services.  How  far  along  is  your  Web 
services  development? 

It’s  moving  along  at  a  cadence.  We’re  beyond  the  pilot, 
experiment  stage,  but  like  any  large  company  it  takes  a 
while  for  any  of  these  things  to  become  completely  main¬ 
stream  in  the  bulk  of  the  efforts  that  you’re  doing.  We  still 
have  system  development  projects  in  the  deployment 
phases  that  were  started  before  Web  services  were  at  all 
understood.  And  we’re  not  stopping  any  of  those  things 
just  so  we  can  switch  them  to  Web  services.  But  as  we 
look  at  the  architecture  of  the  next  generation  of  systems 
that  we  put  in,  they’re  more  and  more  reliant  on  what 
you’d  call  a  service-oriented  architecture. 

Can  you  give  me  some  examples  of  how  you  might  be  using  Web 
services? 

It’s  really  taking  units  of  work  that  used  to  be  embedded 


in  systems  over  and  over  again  —  things  like  directory 
services,  identity  services,  things  that  manage  parts,  peo¬ 
ple,  cost,  suppliers  and  so  on  —  and  componentizing 
them  and  making  them  available  as  a  service  in  the  infra¬ 
structure  or  in  the  application  architecture. That’s  the  gen¬ 
eral  direction  that  I  see  it  showing  up  in  GM. 

Last  year  you  were  asked  whether  you  were  comfortable  using 
Web  services  externally,  and  you  said  the  main  things  you  were 
worried  about  were  security  and  the  scalability  of  that  security. 
Do  you  still  have  those  concerns? 

Still  —  but  I  think  we’ve  made  a  year’s  worth  of  progress 
on  those.  So  1  think  the  [solution]  is  just  starting  to  show 
up.  For  me  it  really  becomes  real  when  we  start  seeing 
support  in  products  that  we  buy  from  our  IT  suppliers, 
where  they’re  willing  to  guarantee  and  sign  up  contractu¬ 
ally  for  the  security  and  the  controls  that  one  wants  or 
the  quality  of  service  that  we  need. 

Another  thing  you've  said  is  that  you  have  a  single-vendor  ap¬ 
proach,  like  a  chosen  vendor  in  different  areas.  What  are  the  ben¬ 
efits  of  doing  that  and  what  might  be  some  of  the  drawbacks? 

It  depends  on  the  area,  whether  there’s  a  single  vendor 
or  two.  We  don’t  always  say  there  just  has  to  be  one.  In 
fact,  we  generally  prefer  a  model  where  we  have  a  choice 
—  but  it’s  not  five  choices,  it’s  one,  two  or  at  most  three,  in 
a  given  space.  For  us  the  benefits  are  being  able  to  lever¬ 
age  our  scale  across  the  enterprise.  In  the  database  exam¬ 
ple,  if  I  support  five  databases,  it  means  I  have  to  pay  an 
outsource  supplier  not  only  to  develop  on  five  different 
database  platforms  or  integrate  across  five  different  ones, 
but  from  an  operations  perspective  I  have  to  have  trained 
database  administrators  and  support  people  and  mainte¬ 
nance  contracts  and  all  of  that  for  five  different  ones. 

So  part  of  the  systems  reduction  activity  that  we’ve 
engaged  in  is  focused  on  simplifying  the  infrastructure, 
and  really  all  of  that  cost  reduction,  that  $1  billion,  has 
come  out  of  the  operational  side  of  the  budget.  What  it 
costs  just  to  keep  things  running  for  support  and  mainte¬ 
nance  of  all  the  disparate  stuff  that  we  had. 

A  lot  of  that  cost  reduction  came  from  server  consolidation? 

It’s  getting  rid  of  multiple  databases  and  the  attendant 
support  that  goes  along  with  it  —  going  from  15  small 
servers  to  two  big  ones. 

See  GM,  page  57 
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General  Motors'  Information  Systems  &  Services 
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all  of  GM’s  businesses,  globally. 

2,000  internal,  working  with  outsourcers. 

Less  than  $3  billion 

Bachelor’s  degree  in  information  systems  management,  University 
of  San  Francisco;  juris  doctorate  from  Santa  Clara  University. 

Vice  president  of  information  management,  Bristol-Myers  Squibb. 
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Let’s  get  comfortable 

Creating  comfort  noise  is  a  multi-step  process. 


i  Phone  signals  when  the 
speaker  has  stopped  talking. 


3  Sending  phone  stops  sending 
background  noise. 


Qf 

2  Receiving  phone  samples  the 
natural  background  noise 
being  sent  with  no  one  talking. 


4  Phone  generates  an 
approximation  of  the  natural 
background  noise. 


Noise 

continued  from  page  1 

found  it  unnerving,  compelling 
them  to  ask, “Are  you  still  there?” 

The  solution  was  to  turn  on 
comfort  noise,  technology  that 
delicately  blends  selected 
sound  frequencies  at  just  the 
right  volume  to  create  the 
impression  that  the  phone  line 
is  still  alive  and  to  satisfy  the 
need  to  know  that  someone  is 
listening. 

“We  thought, ‘Wow,  some  of 
these  phones  are  really  really 
clear  and  quiet,’” says  Longhini, 
who  was  evaluating  Cisco  VoIP 
gear  two  years  ago  for  door  and 
window  maker  Kolbe  &  Kolbe. 
“The  discussion  came  up  that  if 
it’s  too  quiet,  then  people  get 
uptight.  Interesting  concept: You 
get  to  the  point  where  the  call 
quality  is  almost  too  good.” 

The  eerie  silence  is  a  result  of 
packet  technology  The  problem 
has  been  around  for  about  30 
years,  as  long  as  there  have  been 
digital  phone  transmissions  in 
wide  use.  It  has  been  dealt  with 
in  the  worlds  of  TDM,  frame  relay 
and  ATM,  and  now  is  being 
addressed  to  make  VoIP  easier 
on  the  ear. 

The  European  Telecommunica¬ 
tions  Standards  Institute  has 
scheduled  tests  for  September  to 
measure  ear-to-ear  quality  of  VoIP 
calls.Vendors  will  run  their  gear 
through  performance  trials  to 
determine,  among  other  things, 
how  good  their  comfort  noise  is. 

The  IETF  also  is  working  on 
specifications  for  VoIP  coder- 
decoders  that  include  comfort 


GM 

continued  from  page  56 

That  $1  billion  is  a  huge  number.  Is 
there  anything  out  of  that  where  you 
felt  that  you  were  giving  up  some¬ 
thing?  Or  was  it  really  just  a  matter 
of  cutting  out  inefficiencies? 

To  be  frank,  some  people 
would  probably  say  they  thought 
they  gave  things  up  initially  This 
is  just  the  natural  human  reac¬ 
tion  to  the  furniture  being  re¬ 
arranged;  it’s  just  not  comfortable 
at  first.  But  after  an  initial  period, 
the  pretty  universal  reaction 
would  be,  longer-term,  the  right 
thing  to  do  and  no  long-term  ill 
effects  from  any  of  that.  And  if 
you  asked  our  business  customer 
—  the  guy  that’s  not  in  IT  and 
may  have  not  touched  it  as 
directly  except  as  an  end  user  — 
they’d  say  they’ve  seen  dramatic 
benefits  in  terms  of  reliability 
and  consistency  of  service.  We’ve 


noise  generation,  again  with  the 
goals  of  multi-vendor  interoper¬ 
ability  and  boosting  the  overall 
quality  of  comfort  noise. 

The  better  these  organizations 
do  their  work,  the  less  end  users 
notice  it. Vendors  are  spending  a 
lot  of  time,  money  and  brain 
power  to  create  something  that 
in  its  best  form  doesn’t  get 
noticed  at  all. 

The  inherent  profound  silence 
of  packet  voice  technology 
stems  from  one  of  packets’  main 
attractions:  When  there  is  no 
voice  to  send,  no  packets  get 
sent  so  bandwidth  doesn’t  get 
wasted  on  nothing.  Because 
about  60%  of  a  conversation  is 
made  up  of  silence,  a  lot  of  that 
bandwidth  can  be  used  for 
something  else. 

The  downside  is  that  if  receiv¬ 
ing  phones  get  no  packets  they 
generate  no  noise,  so  it  sounds 
like  the  connection  has  broken. 
Before  packet  voice  technology 
based  on  TDM  was  developed, 


seen  our  performance  numbers, 
availability  numbers,  reliability 
numbers  go  way  up. 

Is  that  something  you  measure? 

Absolutely  It’s  built  into  the  out¬ 
source  contracts  that  we  have, 
their  service-level  agreements.  We 
get  money  back  from  the  suppli¬ 
ers  when  they  don’t  meet  those 
levels. 

You  mentioned  recently  that  you  are 
going  to  Windows  XP.  Why  make  that 
move  now? 

We’re  past  the  first  service 
pack  or  two,  which  is  the  first 
test.  But  we’re  increasingly  a 
mobile  world,  and  we  like  the 
support  that  you  get  for  mobility 
in  XPWe  like  the  reliability  that 
we’re  starting  to  see.  And  then 
there  are  applications  that  are 
starting  to  be  designed  for  XP 
that  need  a  bigger  memory 
model  or  faster  processors.  In 


phone  connections  were  analog, 
and  the  phones  didn’t  stop  send¬ 
ing  when  speakers  stopped 
speaking.  Lines  sounded  open 
until  someone  hung  up.  Comfort 
noise  wasn’t  needed  because 
real  noise  filled  the  void. 

In  packet  networks,  the  long¬ 
standing  answer  to  silence  has 
been  for  gear  at  both  ends  to 
create  background  noise  on 
their  own.  With  VoIP  this  comfort 
noise  is  generated  in  the  receiv¬ 
ing  phone  itself,  so  the  noise 
takes  up  no  bandwidth  on  trans¬ 
mission  lines,  but  that  is  not  a 
simple  task. 

Comfort  noise  generators  and 
companion  technology  called 
voice  activity  detectors  (VAD) 
make  comfort  noise  happen. 
VAD  software  listens  to  the  con¬ 
versation  and  signals  when  a 
voice  stops  by  sending  a  silence 
identifier  (SID)  frame.  Silence  is 
determined  by  a  drop  in  energy, 
and  the  threshold  is  set  on  the 
fly  says  Yann  Lejas,a  research 


the  high-end  CAD  arena,  for 
example,  some  applications  just 
aren’t  going  to  run  on  Windows 
2000. 

One  other  technology  I  wanted  to 
throw  out  there  is  VoIP.  Is  that  some¬ 
thing  that  you're  considering  doing? 

We  have  it  already  Our  non- 
North  America  sites  have  really 
been  the  leader  in  this,  so  Latin 
America  and  Asia-Pacific  in  par¬ 
ticular  have  jumped  on  the 
bandwagon  for  VoIP  the  earliest. 
This  is  probably  a  technology 
that’s  going  to  move  from  the 
outside  in. 

Are  you  seeing  savings? 

Yeah.  And  it’s  not  just  cost  sav¬ 
ings.  Sometimes  it’s  just  easier  to 
implement  than  the  old.  As  we 
build  new  facilities,  it’s  a  pretty 
easy  choice  today  to  put  in  VoIP 
rather  than  wire  up  for  the  old 
legacy  environment.* 


and  development  engineer  for 
Global  IP  Sound,  which  makes 
speech  processing  software. 

An  SID  triggers  a  receiving 
handset  to  sample  background 
noise  and  to  imitate  it  as  best  it 
can. “If  the  comfort  noise  gener¬ 
ated  was  too  quiet  or  too  loud 
or  was  the  wrong  pitch,  that 
would  bother  the  listener?  Lejas 
says.  If  the  background  noise 
stays  constant,  the  next  time  the 
VAD  indicates  silence,  no  SID  is 
sent  and  the  comfort  noise  gen¬ 
erator  generates  the  same  kind 
of  comfort  noise  it  did  for  the 
previous  silence. 

The  best  comfort  noise  doesn’t 
just  give  that  open-line  sound.  It 
also  tries  to  imitate  whatever 
ambient  noise  is  audible  in  the 
background  at  the  speaker’s  end. 
So  if  a  person  is  speaking  in  a 
room  with  a  tea  kettle  whistling, 
it  will  be  jarring  to  the  listener  if 
the  whistle  disappears  altogether 
when  the  person  stops  talking.  It 
also  will  be  jarring  if  the  whist¬ 
ling  is  replaced  by  comfort  noise 
that  sounds  like  a  vacuum  clean¬ 
er  rather  than  a  tea  kettle.The 
most  convincing  comfort  noise 
is  a  mix  of  sound  at  the  right  vol¬ 
ume  that  is  made  up  of  the  right 
mix  of  sound  frequencies  to 
mimic  what  would  have  been 
heard  if  the  call  were  being 
made  on  an  analog  line,  accord¬ 
ing  to  Global  IP  Sound. 

“With  the  processing  power 
we  have  today,  we  can  do  a  lot 
more,”  says  Roger  Gutzwiller, 
marketing  director  of  the  tele¬ 
com  division  of  voice  process¬ 
ing  company  Head  Acoustics. 
Ten  years  ago,  comfort  noise 
was  closer  to  generic  white 
noise. 

The  algorithms  used  to  calcu¬ 
late  and  simulate  background 
noise  are  well  established,  but 
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they  must  be  adapted  to  fit  new 
transport  technologies  such  as  IP 
This  can  take  time.  When  new 
technologies  that  can  carry 
voice  have  come  along,  people 
have  adopted  them  initially  to 
save  money  on  long-distance 
links, says  Hank  Lambert,  an 
enterprise  call-control  product 
manager  for  Cisco.  For  example, 
voice  over  frame  relay  often  was 
used  because  it  could  travel  over 
existing  data  pipes  at  no  extra 
charge  and  reduce  long-distance 
costs  between  company  sites. 

For  such  intra-company  use, 
comfort  noise  initially  was  left 
out  to  minimize  bandwidth  that 
voice  occupied,  he  says.The 
costs  savings  outweighed  the 
odd  dead  silence.  Because  all 
the  phone  users  worked  for  the 
same  company  they  were  forced 
to  get  used  to  it. 

But  as  the  technology  ma¬ 
tured,  customers  demanded 
comfort  noise,  especially  if  peo¬ 
ple  from  outside  the  company 
also  used  the  lines.The  same 
has  been  true  with  IP  “Initially, 
they  decided  to  try  it  without 
comfort  noise,”  Lambert  says,  but 
soon  learned  that  the  result  was 
too  uncomfortable.  Now  com¬ 
fort  noise  is  pretty  much  a  given 
in  IP  phone  gear. 

That  is  a  relief  to  Longhini,  who 
is  evaluating  VoIP  for  his  current 
employer,  Jennie-0  Turkey  Store, 
a  billion-dollar  subsidiary  of 
Hormel  based  in  Willmar,Minn. 
He’s  in  the  midst  of  polling  select 
users  on  their  thoughts  about  IP 
voice,  and  it  seems  that  with 
comfort  noise  in  most  VoIP  gear, 
they  have  nothing  to  complain 
about.“So  far  it  hasn’t  come  up,” 
he  says.  ■ 
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Adverts  No, 

Last  week  we  were  discussing 
what  was  described  as  “a  real 
concern”  by  Stephen  Mahaney 
president  of  Planet  Ocean  Commun¬ 
ications,  an  “Internet  marketing  com¬ 
pany” —  to  wit,  the  fact  that  Syman¬ 
tec  Norton  Internet  Security  2004 
installs,  by  default,  with  ad  blocking 
switched  “on”  (oh  the  horror,  the  horror!). 

Perhaps  I’m  out  of  the  loop  on  this  one,  but  I’m  not 
the  least  bit  concerned  that  ads  are  being  wantonly 
suppressed.  On  the  other  hand,  and  the  thing  that  I 
expressed  concern  about  last  week,  Norton  doesn’t 
tell  you  what  their  software  is  doing,  which  is  what 
gave  my  friend  Jim  the  problem  I  explained. 

Reader  Jeanne  Case  commented:“Perhaps  [Jim] 
didn’t  read  his  documentation?  1  usually  don’t  either. 
...  I  would  say  he  is  a  smart  user  who,  for  the  mo¬ 
ment,  was  naive  expecting  an  ad  blocker  not  to 
block  ads.  What  did  he  expect  it  to  do?” 

Jim’s  response:  “I  would  agree  with  you  100%  if  I 
had  purchased  an  ad  blocker,  but  1  did  not.  I  bought 
a  personal  firewall  and  virus  protection  system. . . . 
My  problem  was  that  Norton  provided  a  feature  I 
had  not  desired,  did  not  plan  to  use  and  was  not 
even  aware  was  included.” 

Jeanne  continued:“Norton  needs  ad  blocking  set 
one  way  or  another,  and  it  seems  like  ‘on’  makes 


blocking  Yes 

the  most  sense.” 

I  agree  that  “on”  makes  the  most  sense,  but  1  also 
believe  that  if  software  products  don’t  lead  you 
through  a  configuration  process  where  you  define  or 
accept  the  settings,  then  they  should  warn  you  in 
context  what  default  settings  are  effective.  In  this 
case,  when  the  first  blocked  Web  page  loads,  Norton 
should  make  it  clear  what  action  is  being  taken  and 
offer  you  the  standard  “Check  here  if  you  don’t  want 
to  see  this  warning  in  future”  dialog. 

This  hidden  default  functionality  is  a  problem  you 
find  in  lots  of  software  products  —  many  publishers 
assume  you  have  the  time,  interest  and  aspirin  on 
hand  to  struggle  through  their  crappy  manuals.The 
trouble  with  manuals  is  that  they  are  usually  inade¬ 
quate  in  explaining  anything  beyond  the  basics. 

But  let  us  return  to  the  other  issue  —  the  “real  con¬ 
cern”  some  Internet  marketers  have  with  Norton 
blocking  ads  by  default. 

Mahaney  wrote  in  his  article  (see  www.nwfusion. 
com,  DocFinder:  2787)  “Symantec  almost  has  a  lock 
on  the  Internet  security  business  via  their  Norton 
Anti-Virus  Protection  niche.  And  now,  [Norton 
Personal  Firewall/Internet  Security  2004 
(NPFW/IS2004)]  is  being  used  on  the  overwhelming 
majority  of  new  corporate  and  personal  computers. 
Furthermore,  NPFW/IS2004  is  being  bundled  with 
many,  if  not  most,  new  systems  being  shipped.  It’s  the 


No.  1  Internet  security  software  and  it's  doing  its  best 
to  torpedo  your  advertising  efforts.” 

Regardless  of  whether  he  has  his  facts  right  about 
the  acceptance  of  Norton’s  tool,  as  a  marketer  he 
believes  it  is  his  right  for  you  to  see  his  ads.  Forget 
about  whether  you’re  interested,  about  whether 
you’re  giving  any  kind  of  permission  for  him  to 
“pitch”  to  you,  he  and  his  ilk  are  insistent  that  you 
should  “have  the  right”  to  see  their  ads. 

Mahaney  says  in  his  article:“The  question  being 
asked  right  now  is:  Is  this  legal?  . . .  Especially  in  light 
of  the  fact  that  Symantec  is  selling  Norton  as 
Internet  Security  —  actually  a  firewall,  not  an  ad 
blocker. There  are  some  who  feel  it  violates  restraint 
of  trade  laws.They  may  be  right.” 

Mahaney’s  argument  sounds  like  he’s  accusing 
Symantec  of  misrepresentation,  which  is  plain  silly 
And  while  I  am  not  a  lawyer  (honest),  I’ve  looked  at 
the  restraint  of  trade  laws  and  I  can’t  see  how  that 
argument  could  stand  up  in  court. 

I  suspect  that  the  rabid  Internet  marketers  are  start¬ 
ing  to  see  that  their  business  models  based  on  forc¬ 
ing  you  to  view  pop-ups,  pop-unders,  and  the  display 
of  countless  in-page  ads  are  doomed. 

So  far,telling  advertisers  “no”  hasn’t  worked. Turning 
blocking  “on”  will. 

Cries  of  “yes!”  to  backspin@gibbs.com. 
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By  Paul  McNamara 

Wearing  'Net  blinders 

There  is  something  about  the  Internet 
that  blinds  people  when  it  comes  to 
what  should  be  rather  simple  matters  of  right  and  wrong. 

Music  “sharing"  is  the  classic  example,  of  course,  but  I  had  a  curious  conver¬ 
sation  with  a  friend  recently  about  NetFlix,  the  online  movie  rental  company 
that  lets  you  watch  all  the  DVDs  you  can  stand  for  a  flat  fee  of  $22  per  month. 
This  friend  —  as  honest  as  the  day  is  long,  near  as  I  can  tell  —  told  me  he 
“shares”  a  subscription  with  his  brother’s  family  down  the  street.Translation: 
Two  families  avail  themselves  of  the  NetFlix  stock  for  the  price  of  one  sub¬ 
scription. 

I  was  too  polite  (chicken  maybe?)  to  suggest  to  the  fellow  that  perhaps  this 
sharing  isn’t  fair  to  the  families  who  depend  on  the  success  of  NetFlix  to  put 
food  on  their  tables.  I'd  be  astounded  if  the  thought  ever  crossed  his  mind,  and 
it  sounds  kind  of  preachy  to  bring  it  up  .  . .  even  here. 

But  what  they're  doing  is  wrong,  no?  Not  a  big,  fat,  hairy  wrong,  but  wrong. 

Or  take  the  woman  quoted  in  a  recent  Boston  Globe  story  who  sees  nothing 
wrong  with  wirelessly  tapping  into  a  neighbor’s  unprotected  broadband 
Internet  connection. 

"I  don't  think  of  it  as  stealing,”  she  says.  “They’ve  left  their  network  open.  If 
they're  going  to  leave  it  open,  then  it’s  there  for  the  taking." 

No  mention  of  the  service  provider  or  its  interest  in  "the  taking.” 

By  the  way,  the  woman  allowed  the  newspaper  to  use  her  name,  which  I  won't 
repeat  here  on  the  off  chance  that  her  parents  work  in  the  network  industry.  No 
need  to  add  to  their  humiliation. 

The  woman's  sentiments  can  be  found  echoed  in  online  forums  where  the  Wi- 
F  piggybacking  matter  is  getting  discussed  with  greater  frequency  as  more 
and  more  individuals  discover  how  easy  it  is  to  avoid  paying  for  broadband 


wireless.  What  the  service  providers  are  doing  to  address  this  remains  fuzzy, 
too,  although  there  seems  little  doubt  they  are  heading  for  their  own  Napster- 
like  showdown  with  the  freebie-loving  'Net  culture  someday  soon. 

OK,  I'll  get  down  from  the  soapbox  now. 

CAN-SPAM  flim-flam 

Not  even  the  bill’s  sponsors  should  be  surprised,  but  evidence  is  beginning  to 
pile  high  that  last  year's  much-ballyhooed  CAN-SPAM  legislation  hasn’t  been 
worth  a  tinker's  damn  in  terms  of  canning  spam. 

Vercom,  a  Montreal  e-mail  security  company,  recently  churnqd  through  a 
half-million  spams  —  hey,  somebody's  got  to  do  it  —  and  found  that  only  one  of 
every  7,500  complied  fully  with  CAN-SPAM. 

Yes,  indeed,  we’re  talking  wanton  disrespect  for  the  law  here.  Now  everyone 
raise  a  hand  who  expected  anything  different  from  your  run-of-the-mill 
spammer. 

Yet  some  of  the  details  within  the  Vercom  study  were  surprising  and/or  amusing. 

•  About  40%  of  the  sampled  spam  included  mandatory  opt-out  instructions, 
which  strikes  me  as  high  and  might  seem  like  a  worthwhile  accomplishment  for 
the  legislation  were  it  not  for  the  next  finding. 

•  Only  12%  of  the  senders  actually  honored  opt-out  requests,  which  when 
you  think  about  it  is  also  a  higher  number  than  might  be  expected. 

•  About  30%  featured  an  honest  subject  line,  with  honest  being  defined  as 
accurately  reflecting  the  content  of  the  message.  Nothing  should  be  presumed 
relative  to  the  honesty  of  the  offers  inside. 

But  here's  my  favorite  finding  from  the  report:  Only  131  of  the  half-million 
spams  included  the  required  physical  mailing  address,  proving  once  again  that 
spammers  may  be  unscrupulous,  but  they  ain’t  no  fools. 

You  should  write  to  me  if  for  no  other  reason  than  to  support  my  willingness  to 
put  an  address  out  there  for  any  spammer  to  see.  It’s  buzz@nww.com. 


HP  can  help  you  predict  the  business  benefits  of  a  large-scale  wireless  solution  without  large-scale  risks,  when 

you  envision  your  ideal  enterprise-wide  wireless  solution,  what  do  you  see?  No  doubt  security,  manageability,  scalability  and  flexibility  jump  immediately 
into  focus.  HP  can  now  offer  you  a  glimpse  into  your  wireless  future  by  helping  you  develop  a  wireless  pilot  designed  for  your  business.  Our  service 
professionals  will  help  you  build  an  end-to-end,  secure  wireless  network  using  HP  open-standards  technologies.  These  work  in  conjunction  with  a  wide 
range  of  tested,  best-of-breed  solutions  from  our  strategic  software  partners,  so  you  are  not  confined  by  a  limited  selection  of  proprietary  products.  HP 
pilots  offer  a  unique  opportunity  to  tally  the  business  benefits  of  a  well-planned  wireless  network  before  you  move  to  a  full-scale  implementation.  And  of 
course,  we'll  provide  a  wealth  of  choices,  so  you'll  be  assured  your  pilot  is  a  perfect  fit  for  your  business.  Demand  confidence  in  wireless  technologies. 
Demand  proven  cost-efficiency.  Demand  HR 


HP  recommends  Microsoft®  Windows®  XP  Professional  for  Mobile  Computing. 


invent 


Begin  building  a  wireless  pilot  by  visiting 
www.hp.com/go/mobility4  today. 


A  standard  WLAN  infrastructure,  other  Bluetooth-enabled  devices  and  a  service  contract  with  a  wireless  airtime  provider  may  be  required  for  applicable  wireless  communication.  Wireless  Internet  use  requires  a  separately  purchased  service  contract.  Check  t 
service  provider  for  availability  and  coverage  in  your  area.  Not  all  Web  content  available.  Microsoft  and  Windows  are  registered  trademarks  of  Microsoft  Corporation  in  the  United  States  and/or  other  countries.  ©2004  Hewlett-Packard  Development  Company,  i  • 
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You  don’t  have  to  be  big  to  think  big.  Or  to  run  SAP®  With  a  variety  of  solutions  for  small  and  midsize  businesses, 
SAP  is  an  affordable  choice  for  growing  companies.  Working  with  partners  experienced  in  your  industry,  SAP  can 
deliver  scalable  solutions  to  make  your  business  run  more  efficiently.  And  do  it  faster  than  you  ever  thought 
possible.  Visit  sap.com/value  or  call  800  880  1727  to  see  big  ideas  for  your  company. 


COMPANIES  THAT 
THOUGHT  THEY 
COULDN'T  AFFORD  SAP 

RUN  SAP 
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